1. Welcome! Please take a few seconds to create your free account to post threads, make some friends, remove a few ads while surfing and much more. ClutchFans has been bringing fans together to talk Houston Sports since 1996. Join us!

US confirms federal agencies hit by MOVEit breach, as hackers list more victims

Discussion in 'BBS Hangout' started by Ubiquitin, Jun 16, 2023.

  1. Ubiquitin

    Ubiquitin Contributing Member
    Supporting Member

    Joined:
    Jul 7, 2001
    Messages:
    16,980
    Likes Received:
    11,451
    https://techcrunch.com/2023/06/16/u...y-moveit-breach-as-hackers-list-more-victims/

    US confirms federal agencies hit by MOVEit breach, as hackers list more victims

    The U.S. government has confirmed that multiple federal agencies have fallen victim to cyberattacks exploiting a security vulnerability in a popular file transfer tool.

    In a statement shared with TechCrunch, CISA confirmed that “several” U.S. government agencies have experienced intrusions related to the exploitation of a vulnerability in MOVEit Transfer, an enterprise file transfer tool developed by Progress Software. The agency also attributed the attacks to the Russia-linked Clop ransomware gang, which this week started posting the names of organizations it claims to have hacked by exploiting the MOVEit flaw.

    https://techcrunch.com/2023/06/15/moveit-clop-mass-hacks-banks-universities/

    Ransomware gang lists first victims of MOVEit mass-hacks, including US banks and universities

    While the exact number of victims remains unknown, Clop on Wednesday listed the first batch of organizations it says it hacked by exploiting the MOVEit flaw. The victim list, which was posted to Clop’s dark web leak site, includes U.S.-based financial services organizations 1st Source and First National Bankers Bank; Boston-based investment management firm Putnam Investments; the Netherlands-based Landal Greenparks; and the U.K.-based energy giant Shell.

    GreenShield Canada, a non-profit benefits carrier that provides health and dental benefits, was listed on the leak site but has since been removed.

    Other victims listed include financial software provider Datasite; educational non-profit National Student Clearinghouse; student health insurance provider United Healthcare Student Resources; American manufacturer Leggett & Platt; Swiss insurance company ÖKK; and the University System of Georgia (USG).

    I am surprised this is not a bigger story. Russian hackers used a 0 day to break into federal agencies, banking, and health care companies.
     
    cmoak1982 likes this.
  2. Dr of Dunk

    Dr of Dunk Clutch Crew

    Joined:
    Aug 27, 1999
    Messages:
    45,134
    Likes Received:
    31,044
    It's been news for a couple of weeks now and, sadly, the same type of exploit was used on a couple of other software by the same gang over the past 2 or 3 years.
     
  3. London'sBurning

    London'sBurning Contributing Member

    Joined:
    Dec 5, 2002
    Messages:
    7,205
    Likes Received:
    4,808
  4. Xerobull

    Xerobull You son of a b!tch! I'm in!
    Supporting Member

    Joined:
    Jun 18, 2003
    Messages:
    32,960
    Likes Received:
    30,385

Share This Page