As hackers target a flaw in the widely used file transfer utility MOVEit, concerns about the safety of sensitive data once again come to the fore. Over 15.5 million people have been affected by this massive hacking campaign, and that number is certain to climb. We’ll examine what happened, whose companies were compromised, and what this means for data security in greater detail below.
Clop ransomware has been used by attackers against the Progress Software file transfer program MOVEit. By exploiting a flaw in MOVEit Transfer’s security, hackers were able to obtain private information belonging to millions of users. Over 140 institutions, including financial institutions, educational institutions, government organizations, and utility corporations, have been identified as victims of these attacks.
This data breach is quite massive. Between 2.5 and 2.7 million Genworth Finance customers are affected, as well as 770,000 members of the California Public Employees’ Retirement System, 3.5 million Oregon drivers license holders, and roughly 6 million Louisiana residents. About 1.5 million policyholders at insurance firm Wilton Reassurance have also been affected. More than half a million people have used Talcott Resolution, and 170,000 people are recipients of the Tennessee Consolidated Retirement System.
Mass hacks like MOVEit affect more than just private citizens and businesses. One of the victims is the charity National Student Clearinghouse, which works with thousands of schools across the country. Given National Student Clearinghouse’s pervasiveness in the academic community, the fallout from the recent data hack might be significant.
Several public sector companies and universities in the United States have also been hit by cyber attacks. More than 100,000 people were exposed in a recent event, according to the U.S. Department of Health and Human Services (HHS). While it is yet unclear how extensive the breach actually is, these attacks show how susceptible government and educational organizations are to cybercrime.
Organizations that were compromised in the widespread hacks have begun conducting investigations and taking steps to limit the harm as soon as possible. One of the attacked businesses, Siemens Energy, has stated that no sensitive information was lost and that business as usual has continued unabated. Another victim, the University of California, Los Angeles (UCLA), has notified the FBI and brought in outside cybersecurity specialists to fix the problem. UCLA has not released a number of affected persons, but they are striving to contact everyone who may be affected.
The Clop ransomware organization has named several other victims who have failed to react to enquiries about the intrusion. More victims are expected to surface in the coming days and weeks, as Clop claims to have compromised hundreds of organizations.
The Clop ransomware group’s actions have been noted by the U.S. State Department, which has announced a $10 million reward for information leading to the group’s capture. This Russian-affiliated group has carried out past widespread attacks, using flaws in popular file-sharing programs like MOVEit, Fortra’s GoAnywhere, and Accellion’s file-transfer software. The bounty is a sign of how seriously these cybercriminals should be taken.
With the growing frequency of data breaches, it’s more important than ever for businesses to invest heavily in cybersecurity measures to protect their customers’ personal data. To reduce the likelihood of such assaults, it is crucial to implement stringent security measures, maintain frequent software updates, and do comprehensive vulnerability assessments.
Companies should also think about providing cybersecurity training to their staff in order to raise their level of awareness and head off any breaches that could occur due to human error. To avoid the disastrous effects of data breaches, organizations must be watchful and proactive in the face of constantly changing cyber threats.
First reported on TechCrunch