![]() However, in a message on its leak site, Clop said, “if you are a government, city or police service… we erased all your data.” The Government of Nova Scotia, which uses MOVEit to share files across departments, also confirmed it was affected, and said in a statement that some citizens’ personal information may have been compromised. These organizations were all affected because they rely on HR and payroll software supplier Zellis, which confirmed that its MOVEit system was compromised. Multiple organizations have previously disclosed they were compromised as a result of the attacks, including the BBC, Aer Lingus and British Airways. No stolen data has been published at the time of writing, but Clop tells victims that it has downloaded “alot of your data.” New victims come forward Instead, a blackmail message posted on its dark web leak site told victims to contact the gang prior to its June 14 deadline. ![]() None of the other listed victims have yet responded to TechCrunch’s questions.Ĭlop, which like other ransomware gangs typically contacts its victims to demand a ransom payment to decrypt or delete their stolen files, took the unusual step of not contacting the organizations it had hacked. If necessary, consistent with federal and state law, notifications will be issued to any individuals affected.”įlorian Pitzinger, a spokesperson for German mechanical engineering company Heidelberg, which Clop listed as a victim, told TechCrunch in a statement that the company is “well aware of its mentioning on the Tor website of Clop and the incident connected to a supplier software.” The spokesperson added that the “incident occurred a few weeks ago, was countered fast and effectively and based on our analysis did not lead to any data breach.” Other victims listed include financial software provider Datasite educational non-profit National Student Clearinghouse student health insurance provider United Healthcare Student Resources American manufacturer Leggett & Platt Swiss insurance company ÖKK and the University System of Georgia (USG).Ī USG spokesperson, who did not provide their name, told TechCrunch that the university is “evaluating the scope and severity of this potential data exposure. GreenShield Canada, a non-profit benefits carrier that provides health and dental benefits, was listed on the leak site but has since been removed. The victim list, which was posted to Clop’s dark web leak site, includes U.S.-based financial services organizations 1st Source and First National Bankers Bank Boston-based investment management firm Putnam Investments the Netherlands-based Landal Greenparks and the U.K.-based energy giant Shell. While the exact number of victims remains unknown, Clop on Wednesday listed the first batch of organizations it says it hacked by exploiting the MOVEit flaw. Progress Software, which develops the MOVEit software, patched the vulnerability - but not before hackers compromised a number of its customers. The Russia-linked ransomware gang has been exploiting the security flaw in MOVEit Transfer, a tool used by corporations and enterprises to share large files over the internet, since late May. Clop, the ransomware gang responsible for exploiting a critical security vulnerability in a popular corporate file transfer tool, has begun listing victims of the mass-hacks, including a number of U.S.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |