Security News

The number of victim organizations hit by Cl0p via vulnerable MOVEit installations has surpassed 2,000, and the number of affected individuals is now over 60 million. The victim organizations are overwhelmingly based in the US. "The most heavily impacted sectors are finance and professional services and education, which account for 13.8 percent and 51.1 percent of incidents respectively," Emsisoft researchers have shared on Monday.

US educational nonprofit organization National Student Clearinghouse has revealed that the breach of its MOVEit server ended up affecting almost 900 colleges and universities, and resulted in the theft of personal information of their students. NSC has filed a breach notification letter with the California Attorney General's Office on behalf of the affected schools.

The MOVEit hack was not the same as classic ransomware attacks for which groups like Clop initially gained notoriety. Emerging digital forensic analysis from the aftermath of MOVEit suggests the hackers knew about the zero-day flaw in MOVEit as far back as 2021 when they tested it out covertly to see how much access they could get.

The Colorado Department of Health Care Policy & Financing is alerting more than four million individuals of a data breach that impacted their personal and health information. The data breach was possible after Clop ransomware exploited the MOVEit Transfer zero-day in a hacking campaign that impacted hundreds of organizations worldwide.

Missouri's Department of Social Services warns that protected Medicaid healthcare information was exposed in a data breach after IBM suffered a MOVEit data theft attack. Yesterday, the Missouri Department of Social Services disclosed a data breach that exposed health information related to Medicaid services in the state.

Serco Inc, the Americas division of multinational outsourcing company Serco Group, has disclosed a data breach after attackers stole the personal information of over 10,000 individuals from a third-party vendor's MoveIT managed file transfer server. "On June 30, 2023, Serco was made aware that our third-party benefits administration provider, CBIZ, experienced a ransomware attack and data breach," the company explained.

Accounting giant Deloitte, pizza and birthday party chain Chuck E. Cheese, government contractor Maximus, and the Hallmark Channel are among the latest victims that the Russian ransomware crew Clop claims to have compromised via the MOVEit vulnerability. The biz now joins PwC and Ernst and Young - all three big accounting firms - among the hundreds of organizations compromised by Clop via a security hole in vulnerable deployments of the file-transfer tool MOVEit.

Accounting giant Deloitte, pizza and birthday party chain Chuck E. Cheese, government contractor Maximus, and the Hallmark Channel are among the latest victims that the Russian ransomware crew Clop claims to have breached using the MOVEit file transfer hack. "Immediately upon becoming aware of this zero-day vulnerability, Deloitte applied the vendor's security updates and performed mitigating actions in accordance with the vendor's guidance," a Deloitte Global spokesperson explained.

The number of known Cl0p victims resulting from its Memorial Day attack on vulnerable internet-facing MOVEit Transfer installations has surpassed 420, according to IT market research company KonBriefing Research. Cl0p's attack resulted in the cybercriminal group exfiltrating sensitive information from MOVEit Transfer installations run either by the victim organizations or third-party service providers.

The Clop ransomware gang is copying an ALPHV ransomware gang extortion tactic by creating Internet-accessible websites dedicated to specific victims, making it easier to leak stolen data and further pressuring victims into paying a ransom. This stolen data is used as leverage in double-extortion attacks, warning victims that the data will be leaked if a ransom is not paid.