Top related persons:
Top related locs:
Top related orgs:

Search resuls for: "Cl0p"


12 mentions found


[1/2] A sign indicates the direction to the offices of Progress Software in Burlington, Massachusetts, U.S., July 26, 2023. But more than two months after the breach was first disclosed by Massachusetts-based Progress Software, the parade of victims has scarcely slowed. The tallies show that nearly 40 million people have been affected so far by the hack of Progress' MOVEit Transfer file management program. Now the digital extortionists involved, a group named "cl0p", have become increasingly aggressive about thrusting their data into the public domain. MOVEit is used by organizations to ship large amounts of often sensitive data: pension information, social security numbers, medical records, billing data and the like.
Persons: Brian Snyder, Marc Bleicher, cl0p, Huntress Security's John Hammond, Christopher Budd, Sophos, Eric Goldstein, Nathan Little, Emsisoft, Bert Kondruss, Rowe Price, Maximus, Alexander Urbelis, Crowell, Goldstein, didn't, Surefire's, Raphael Satter, Zeba Siddiqui, Chris Sanders, Grant McCool Organizations: Progress Software, REUTERS, FRANCISCO, Reuters, Software, Insurance, of America, Cybersecurity, Infrastructure Security Agency, Tetra Defense, WHO, Pension, California Public Employees, Moring, U.S ., Thomson Locations: Burlington , Massachusetts, U.S, WASHINGTON, American, Massachusetts, York, New York, Louisiana, California, New York City, Oregon
Victims of Cyberattack on File-Transfer Tool Pile Up
  + stars: | 2023-07-19 | by ( Catherine Stupp | ) www.wsj.com   time to read: +6 min
The list of companies hit by a cyberattack on a widely used software tool continues to expand and several victims have filed lawsuits alleging mishandling of data. The continued disclosure of new victims affected by hackers exploiting a vulnerability in MoveIt, a common file-transfer tool from Progress Software, underscores how cyberattacks can ripple through supply chains. Some companies have been drawn into data breaches without having used MoveIt because their business partners use it. The Cl0p ransomware group has taken responsibility for the cyberattacks and posted data from some victims on its underground website. A 2021 cyberattack on a tool similar to MoveIt—Accellion’s File Transfer Appliance—had similar ripple effects.
Persons: , Brett Callow, cyberattacks, Callow, Genworth, PBI, , Shell, Rob Carr, Suzie Squier, Johns, Johns Hopkins, Emsisoft’s Callow, Catherine Stupp Organizations: Progress Software, . Progress, Progress, Shell, BBC, Energy Department, Genworth Financial, Social, PBI Research Services, U.S . Department of Health, Human Services, Colorado State University, BG Group, Johns Hopkins University, Getty Locations: British, MoveIt, Kaseya, Johns Hopkins
Dublin airport staff's salary data breached
  + stars: | 2023-07-02 | by ( ) www.reuters.com   time to read: +1 min
[1/2] An Irish Hare is seen at Dublin Airport in Dublin, Ireland, December 3, 2021. REUTERS/Clodagh Kilcoyne/File PhotoJuly 2 (Reuters) - Some Dublin airport staff's financial information has been compromised by a cyber-attack on provider company Aon (AON.N) that also affected various other firms, the Dublin Airport Authority (DAA) said on Sunday. Britain's Sunday Times reported that the attack on file-transfer software tool MOVEit, used by Aon, affected nearly 2,000 Dublin airport staff, as well other agencies and companies in the US and UK. "DAA is offering support, advice and assistance to employees impacted by this criminal cyber-attack," the Irish airport authority said, without giving further details. Reporting by Anirudh Saligrama, additional reporting by Gursimran Kaur, Editing by David Gregorio and Jonathan OatisOur Standards: The Thomson Reuters Trust Principles.
Persons: Irish Hare, Clodagh, AON, Anirudh Saligrama, Gursimran Kaur, David Gregorio, Jonathan Oatis Organizations: Dublin Airport, REUTERS, Dublin Airport Authority, Sunday Times, Thomson Locations: Irish, Dublin, Ireland
WASHINGTON, June 28 (Reuters) - The U.S. Department of Health and Human Services (HHS) was among those affected by a wide-ranging hack centered on a piece of software called MOVEit Transfer, Bloomberg News reported on Wednesday. The report comes as the hackers behind the massive breach claimed credit for stealing data from two major law firms, Kirkland & Ellis LLP and K&L Gates LLP. Kirkland and K&L did not immediately return messages left after hours. The group has previously insisted it doesn't deliberately steal data from government organizations, but that doesn't mean that data hasn't been compromised. Bloomberg cited a person familiar with the incident at HHS as saying that tens of thousands of records could have been exposed.
Persons: Ellis, cl0p, Gates, Kirkland, doesn't, Cl0p didn't, Jon Clay, TrendMicro, Raphael Satter, Lincoln Organizations: U.S . Department of Health, Human Services, Bloomberg, Kirkland, Gates, HHS, Progress Software, Thomson Locations: Russian
[1/2] A worker arrives at the Department of Health and Human Services in Washington, October 1, 2013. REUTERS/James Lawler Duggan/File PhotoWASHINGTON, June 28 (Reuters) - The U.S. Department of Health and Human Services (HHS) was among those affected by a wide-ranging hack centered on a piece of software called MOVEit Transfer, a source at HHS said on Wednesday. "While no HHS systems or networks were compromised, attackers gained access to data by exploiting the vulnerability in the MOVEit Transfer software of third-party vendors," a health department official familiar with the matter said. Hackers behind the massive breach also claimed credit for stealing data from two major law firms, Kirkland & Ellis LLP and K&L Gates LLP. Kirkland and K&L did not immediately return messages left after hours.
Persons: James Lawler Duggan, Ellis, cl0p, Gates, Kirkland, doesn't, Cl0p didn't, Jon Clay, TrendMicro, Raphael Satter, Lincoln Organizations: Department of Health, Human Services, REUTERS, WASHINGTON, U.S . Department of Health, HHS, Kirkland, Gates, Bloomberg, Progress Software, Thomson Locations: Washington, Russian
The total number of recent victims from the online extortion ring has reached 121 organizations, according to Brett Callow, whose cybersecurity company Emsisoft helps companies respond to digital shakedown attempts. In 2021, Ukrainian authorities announced the arrests of six people tied to cl0p, but it's not clear that they were core members of the group, which continued to hack victims. Plundering file transfer protocols has become increasingly popular as hackers shift from encrypting data to simply stealing files and threatening to release them unless a ransom is paid. Many of the organizations stress that the target of the hack is the file transfer service, not their systems. The FBI said it was "aware of and investigating the recent exploitation of a MOVEit vulnerability by malicious ransomware actors."
Persons: Brett Callow, encrypting, TrendMicro, didn't, Cl0p, Emsisoft, Charles Carmakal, Raphael Satter, Christopher Bing, James Pearson, Cynthia Osterman Organizations: University of California, Siemens Energy, Abbvie Inc, Schneider, Publicly, Sony, Shell PLC, Government, U.S . Energy Department, Alphabet Inc, FBI, Thomson Locations: Los Angeles, Russia, Washington, London
Siemens and UCLA say data compromised in MOVEit data breach
  + stars: | 2023-06-27 | by ( ) www.reuters.com   time to read: +1 min
The hackers behind the wide-ranging breach, Cl0p, had earlier boasted about stealing data from UCLA and Siemens on their website. Cl0p also claimed to have stolen data from biopharmaceutical company Abbvie Inc (ABBV.N) and French industrial group Schneider Electric (SCHN.PA). Siemens and UCLA provided few additional details about the scope or consequences of the breach. Siemens said none of its critical data had been compromised and its operations remained unaffected. UCLA said its campus systems were unaffected and that "all of those who have been impacted have been notified".
Persons: Cl0p, Christoph Steitz, Raphael Satter, Matthias Williams, Mark Potter Organizations: Siemens Energy, University of California, UCLA, Siemens, Abbvie Inc, Schneider, FBI, Genworth, Thomson Locations: FRANKFURT, Los Angeles, UCLA
News reports said information from more than 700,000 Calpers members and retirees was taken. The MOVEit software is widely-used by organisations around the world to share sensitive data. Genworth Financial was harder hit, saying personal information of nearly 2.5 million to 2.7 million of its customers was breached. "The personal information of a significant number of insurance policyholders or other customers of its life insurance businesses was unlawfully accessed," Genworth said. The MOVEit hack has hit several state and federal agencies.
Persons: PBI, Calpers, Genworth, Niket, Chris Sanders, Maju Samuel, Daniel Wallis Organizations: Genworth, PBI Research Services, U.S . Department of Energy, Washington DC, Thomson Locations: Calpers, Burlington , Massachusetts, Russia, Bengaluru, Washington
WASHINGTON, June 16 (Reuters) - The U.S. Department of Energy got ransom requests from the Russia-linked extortion group Cl0p at both its nuclear waste facility and the scientific education facilities that were recently hit in a global hacking campaign, a spokesperson said on Friday. Data was "compromised" at two entities within the DOE when hackers gained access through a security flaw in MOVEit Transfer. The requests came in emails to each facility, said the spokesperson, who did not say how much money was requested. "The two entities that received them did not engage," with Cl0p and there was no indication that the ransom requests were withdrawn, the spokesperson said. Cl0p has said it would not exploit any data taken from government agencies, and that it had erased all such data.
Persons: CISA, Cl0p, Allan Liska, cl0p, Liska, Timothy Gardner, Raphael Satter, Leslie Adler, Daniel Wallis Organizations: U.S . Department of Energy, DOE, Associated Universities, U.S, Cybsecurity, Infrastructure Security Agency, Thomson Locations: Russia, New Mexico, Washington
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly testifies before a House Homeland Security Subcommittee, at the Rayburn House Office Building on April 28, 2022 in Washington, DC. Several U.S. agencies have been hacked as part of a broader cyberattack that has hit dozens of companies and organizations in recent weeks through a previously unknown vulnerability in popular file sharing software. "CISA is providing support to several federal agencies that have experienced intrusions," he said. Charles Carmakal, chief technology officer of Mandiant, a cybersecurity company owned by Google whose clients include government agencies, said that he was aware of some data theft from federal agencies through the MOVEIt hacks. Wendi Whitmore, who leads threat analysis for the cybersecurity company Palo Alto Networks, said that CL0P's campaign of hacking victims through MOVEIt was incredibly widespread.
Persons: Jen, Eric Goldstein, Charles Carmakal, Andrea Mitchell, Brett Callow, Wendi Whitmore, MOVEIt Organizations: Infrastructure Security Agency, Homeland Security, U.S, Google, NBC News, FBI, National Intelligence, National Security Council, Palo Alto Networks Locations: Rayburn, Washington ,, MOVEIt
US government agencies hit in global hacking spree
  + stars: | 2023-06-15 | by ( ) www.reuters.com   time to read: +2 min
June 15 (Reuters) - The U.S. government has been hit in a global hacking campaign that exploited a vulnerability in widely used software but does not expect it to have significant impact, the nation's cyber watchdog agency said on Thursday. CISA did not identify the agencies that were hit or say exactly how they had been affected. The FBI and National Security Agency also did not immediately respond to emails seeking details on the breaches. MOVEit, made by Progress Software Corp (PRGS.O), is typically used by organizations to transfer files between their partners or customers. Neither Cl0p nor Progress immediately responded to requests for comment.
Persons: Eric Goldstein, cybersecurity, CISA, Jen, MOVEit, John Hammond, Huntress, Raphael Satter, Kanishka Singh, Zeba Siddiqui, Tanna, Chandi Shah, Jonathan Oatis, Angus MacSwan, Bill Berkrot Organizations: U.S, Cybersecurity, Infrastructure Security Agency, CNN, FBI, National Security Agency, MSNBC, Progress Software Corp, Progress, CITY, Thomson Locations: U.S, United States
BA, BBC and Boots caught up in file transfer hack
  + stars: | 2023-06-05 | by ( ) www.reuters.com   time to read: +2 min
BA, the BBC and Boots said the breach occurred at their payroll provider, Zellis. The provincial government of Nova Scotia, in Canada, was also hit by the breach. The data from Zellis and the Nova Scotia government was exposed through their use of the MOVEit file transfer software, both organizations said in separate statements. The Nova Scotia government did not immediate return a request for comment. Boots, part of Walgreens Boots Alliance (WBA.O), said the attack had included some of its employees' personal details.
Persons: Boots, Zellis, Nova, Colton LeBlanc, MOVEit, extortionists, Raphael Satter, Sarah Young, Muvija, Eva Mathews, Paul Sandle, Bill Berkrot Organizations: British Airways, BBC, Nova, Security, Digital Solutions, IAG, Walgreens Boots Alliance, Progress Software, Microsoft, Reuters, Britain . British Airways, Thomson Locations: Nova Scotia, Canada, Zellis, Britain, Washington, London, Bengaluru
Total: 12