The government of Maine has confirmed that a data breach earlier this year resulted in the theft of personal information belonging to over 1.3 million state residents. The breach, carried out by a Russia-linked ransomware gang, exploited a vulnerability in the state's MOVEit file-transfer system. The stolen information includes names, dates of birth, Social Security numbers, driver's licenses, and other identification numbers. Some individuals also had their medical and health insurance information compromised. The breach primarily affected Maine's Department of Health and Human Services and Department of Education. The incident is part of a larger mass hack involving MOVEit servers, with over 2,500 organizations and 69 million people affected so far.
Hackers have exploited a security vulnerability in the MOVEit file transfer tool, compromising the personal data of over 15.5 million individuals. The number of victim organizations affected by the Clop ransomware attacks continues to grow, with more than 140 known victims, including U.S. government agencies, universities, and public sector organizations. The list of casualties includes Oregon driver's license holders, Louisiana residents, members of the California Public Employees' Retirement System, Genworth Finance clients, Wilton Reassurance customers, Tennessee Consolidated Retirement System beneficiaries, and Talcott Resolution customers. The University of California-Los Angeles (UCLA) and Siemens Energy are among the newly listed victims. The exact number of impacted organizations and individuals remains unknown, and more victims are expected to come to light. The U.S. State Department has offered a $10 million bounty for information on the Clop ransomware group.
A data breach affecting nearly 45,000 students and staff members of NYC Public Schools has been reported. The breach occurred through a file transfer software called MOVEit, and approximately 19,000 documents were accessed without authorization. The impacted data includes student evaluations, Medicaid reports, and internal records related to Department of Education employees. The Department of Education is working with NYC Cyber Command to remediate the issue and has no reason to believe there is any ongoing unauthorized access to DOE systems.
Harris Health System has disclosed a cyberattack that exposed patient and employee information due to vulnerabilities in the MOVEit file transfer software. The breach has not affected operations or patient care, and the hospital system is working to assess the full scope of the incident. Harris Health will notify impacted individuals directly and has set up a call center for questions. The breach has impacted multiple companies across different industries, including the US government and private sector companies.
Millions of Americans are at risk of identity theft due to a massive cyberattack on the file-transfer program MOVEit, affecting numerous firms, federal and state agencies, and universities. The Louisiana and Oregon DMVs have confirmed that driver's license data of millions of residents may have been compromised. The Russian hacker group Clop has claimed responsibility for the attack, but there is no record of the stolen data being sold or released. To protect themselves, individuals are advised to monitor their accounts, place a fraud alert, check their credit reports, freeze their credit, be cautious of phishing attempts, enable two-factor authentication, and invest in identity theft protection.
A Russian ransomware gang, Cl0p, breached the Department of Energy and several other federal agencies through a file-transfer program called MOVEit, which is widely used by businesses to securely share files. The impact is not expected to be great, and the attack is largely opportunistic. The gang claimed that its victims numbered in the hundreds, including patrons of at least two state motor vehicle agencies, and demanded a ransom. The U.S. officials have no evidence to suggest coordination between Cl0p and the Russian government.
Progress Software has issued a patch for a third critical vulnerability in its MOVEit file transfer suite, CVE-2023-35708, which was disclosed a day earlier. A proof-of-concept exploit for the flaw was also made public on the same day. The vulnerability is another SQL injection flaw that could allow an unauthenticated attacker to break into organizations' MOVEit Transfer database and steal its content. The Clop ransomware gang has exploited MOVEit's security shortcomings to steal data from organizations, with Shell reportedly becoming the first organization to have its stolen data published on the Clop leak site.
A global cyberattack by Russian cybercriminals has targeted federal and state agencies, private companies, and universities, exploiting a vulnerability in MOVEit software. The ransomware gang, Clop, is demanding multimillion-dollar payments from victims before publishing data it claims to have hacked. The full extent of the attack is not yet known, and victims are working to understand how much data was compromised. Consumers are advised to maintain usual cybersecurity precautions, but much of the responsibility now lies on businesses and federal agencies to update their software and protect against future attacks.
The ongoing cyberattacks on the software MOVEit have impacted several organizations, including transportation agencies in Oregon and Louisiana, universities, and the Department of Energy. The attacks have largely been attributed to a Russian-speaking criminal group, and personal information such as names, addresses, and social security numbers have been stolen. While the Cybersecurity and Infrastructure Security Agency has not observed any data leaks or extortion demands, users of MOVEit are advised to install a patch to eliminate the software vulnerability used by hackers.
Hacker group Clop has published the names and company profiles of dozens of victims of a global mass hack, including banks, universities, and US federal bodies, on its darknet website. The group is using the leak site to pressure victims into paying ransom to avoid their data being breached. The mass hack is likely to have affected hundreds of organizations around the world, with around 50 confirmed so far. The hack was first disclosed on May 31 when US company Progress Software said hackers had found a way to break into its MOVEit Transfer tool.
Multiple U.S. government agencies, including the Department of Energy, were targeted in a global cyberattack on the widely used file-transfer service MOVEit. The attack was carried out by a Russian-speaking criminal group, which has been blamed for several recent attacks exploiting MOVEit. The government has not received any extortion demands or observed any data leaks, and users of MOVEit can now install a patch to eliminate the software vulnerability used by hackers. The software company Progress, which operates MOVEit, has rolled out security patches and is engaged with federal law enforcement and other agencies.
Several U.S. federal agencies have been hacked as part of a broader cyberattack that exploited a vulnerability in the popular file sharing software MOVEIt. The Cybersecurity and Infrastructure Security Agency is investigating the scope of the hacks and providing support to affected agencies. The hackers, believed to be the ransomware group CL0P, have stolen data from at least 47 organizations and demanded payment not to publish them online. It is unclear whether the stolen files were sensitive or whether the hackers had disrupted government systems. This is the third known time in as many years that foreign hackers have been able to break into multiple federal agencies and steal information.
Ransomware gang Clop has listed the first batch of victims of its mass-hacks, which exploited a critical security vulnerability in the MOVEit Transfer tool used by corporations and enterprises to share large files over the internet. The victim list includes US-based financial services organizations, universities, and energy giant Shell. While the exact number of victims remains unknown, researchers report that Clop may have been exploiting the MOVEit vulnerability as far back as 2021. Many more victims are expected to be revealed in the coming days and weeks, with thousands of MOVEit servers still discoverable on the internet.
Progress Software has issued another patch for its MOVEit file transfer suite after cybersecurity firm Huntress discovered more vulnerabilities that could be exploited. The original attack, which targeted high-profile companies like British Airways, the BBC and Boots, exploited a SQL injection vulnerability in the MOVEit document transfer app to gain access to environments and exfiltrate data. Meanwhile, the FBI's decision to seed a compromised secure messaging app into the criminal underworld five years ago is still paying dividends, with US officials offering a $5m reward for the apprehension of one of the duped criminals who sold access to the compromised comms system.
The Clop ransomware group has exploited a vulnerability in the file transfer tool MOVEit to break into computer networks globally and steal sensitive information. The group has issued an extortion notice to potentially hundreds of affected companies, warning that they must contact the gang or be named on the group's extortion site. The US Cybersecurity and Infrastructure Security Agency has issued an advisory regarding Clop's campaign, warning that the gang has historically compromised thousands of organizations. Nova Scotia government and the University of Rochester are the first victims to be identified in North America.
