Security News > 2023 > June > Clop ransomware gang starts extorting MOVEit data-theft victims
The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks, first listing the company's names on a data leak site-an often-employed tactic before public disclosure of stolen information.
The Clop gang took responsibility for the attacks, claiming to have breached "Hundreds of companies" and warning that their names would be added to a data leak site on June 14th if negotiations did not occur.
If an extortion demand is not paid, the threat actors say they will begin leaking stolen data on June 21st. Clop begins extorting companies.
Yesterday, the Clop threat actors listed thirteen companies on their data leak site but did not state if they were related to the MOVEit Transfer attacks or were ransomware encryption attacks.
German printing company Heidelberger Druck told BleepingComputer that while they use MOVEit Transfer, their analysis indicates it did not lead to any data breach.
While the other companies listed on Clop's site have not responded to our emails, Macnica security researcher Yutaka Sejiyama shared data with BleepingComputer confirming that they currently use the MOVEit Transfer platform or have done so in the past.