Clop Ransomware Gang Identified as Perpetrators of MOVEit Mass-Hacks, First Victims Speak Out – Microsoft – Global Village Space | #ransomware | #cybercrime

A new wave of mass-hacks targeting the popular file transfer tool MOVEit Transfer has been linked to the Clop ransomware gang by security researchers. The vulnerability exploited by hackers allows them to gain unauthorized access to an affected MOVEit server’s database. Progress Software, which develops the MOVEit software, has released some patches to address the issue. The first victims of the attacks have come forward, including U.K.-based human resources software maker and payroll provider Zellis, which confirmed that its MOVEit system was compromised, affecting a “small number” of its corporate customers. One of those customers is British Airways, which confirmed that the breach included the payroll data of all of its U.K.-based employees. The U.K.’s BBC also confirmed it was affected by the incident affecting Zellis. The government of Nova Scotia, which uses MOVEit to share files across departments, said in a statement that some citizens’ personal information may have been compromised. Microsoft security researchers are attributing the cyberattacks to a group it tracks as “Lace Tempest,” a known affiliate of the Russia-linked Clop ransomware group.

Source link

National Cyber Security