Ransomware gang Cl0p has added a further nine alleged victims to its dark web blog, with the companies thought to have fallen foul of the MOVEit Transfer vulnerability cyberattack. The list of businesses that have been impacted by the ongoing hack now stands at more than 100.
Russia-based Cl0p added the victims earlier today. As reported by Tech Monitor, they join the likes of TV channel Discovery, which was posted by Cl0p last week. Deutsche Bank also confirmed in recent days it had seen customer data exposed, probably as the result of a supplier having suffered a MOVEit Transfer vulnerability breach.
Nine companies join Cl0p’s MOVEit Transfer vulnerability cyberattack victims
The businesses posted today on the Cl0p dark web blog include managed services provider CompuCom, which is based in the US and manages IT for five of the top ten in the Fortune 500. It claims its services support more than nine million devices belonging to customers around the world.
Also on the list is Frankfurt-listed electric vehicle parts company Vitesco Technologies, a $9.5bn revenue business that spun out of tyre Continental AG in 2021.
CL0P #ransomware group added 9 new victims to their #darkweb portal.
— FalconFeedsio (@FalconFeedsio) July 17, 2023
– TJX Companies Inc 🇺🇸
– Vitesco Technologies 🇩🇪
– Valmet 🇫🇮
– Fortescue 🇦🇺
– DESMI 🇩🇰
– Crum & Forster 🇺🇸
– Compucom 🇺🇸
– Sierra Wireless 🇨🇦
– RCI 🇺🇸#clop #moveit #deepweb #cyberrisk #infosec #USA #Germany… pic.twitter.com/7u3lcQA1si
Also named among the apparent new victims is Sierra Wireless, a wireless communications and IoT vendor based in Canada. It is not clear what data has been accessed, and whether ransom demands and deadlines have been issued. Tech Monitor has approached the companies for comment.
MOVEit Transfer vulnerability cyberattack has big ramifications
The MOVEit Transfer vulnerability is proving to be one of the largest supply chain cyberattacks in history, with Cl0p discovering and exploiting a previously unknown flaw in the MOVEit Transfer, a platform that is used by businesses around the world to share documents securely.
Its impact has been so large because Cl0p has been able to break the systems of MOVEit Transfer users and steal data about them and their customers. Progress Software, which owns MOVEit Transfer, has published a patch that fixes the problem, but more big-name victims are being exposed each week.
An initial batch of companies impacted included British Airways, the BBC and Boots, all of which saw their data exposed when a payroll platform the trio used was hit by the Cl0p hackers.
Businesses such as PwC, Shell and Sony have also been added to the gang’s victim blog, and workers at Dublin Airport were told two weeks ago that their personal information had probably been stolen as part of the breach.
The UK’s National Cyber Security Centre has published an advisory about the vulnerability, stating that it “strongly encourages organisations to take immediate action by following vendor best practice advice and applying the recommended security updates”.