Cybercriminals have exploited Accellion File Transfer Appliance (FTA) zero-day vulnerabilities to steal and extort data from various global organizations, according to FireEye. The news comes after Accellion earlier this month said it patched all known FTA vulnerabilities exploited by cybercriminals.Several organizations have issued warnings following Accellion FTA breaches, including:Kroger: The U.S. supermarket chain last week said some of its customers and employees may have had their data compromised by a malicious third-party that exploited a vulnerability in Accellion FTA. Reserve Bank of New Zealand: Hackers breached the Reserve Bank of New Zealand's Accellion FTA service to share information with external stakeholders. Singtel: Singtel temporarily suspended use of Accellion's FTA system after it was attacked by unidentified hackers. University of Colorado Boulder: Cybercriminals used Accellion FTA vulnerabilities to breach the school's Office of Information Technology (OIT); files available on OIT's system were exposed during the attack. Malicious actors began to exploit zero-day vulnerabilities in Accellion FTA in mid-December, FireEye noted. They used the vulnerabilities to install the DEWMODE web shell. In late January, organizations that had been impacted by Accellion FTA attacks the month prior began to receive extortion emails from malicious actors, FireEye stated. Malicious actors used these emails to threaten to publish stolen data from victims.