Siemens Energy and Schneider Electric have joined the growing list of apparent victims of the MOVEit Transfer vulnerability, currently being exploited by Russian ransomware gang Cl0p, which is now thought to have impacted more than 100 organisations around the world.
Siemens Energy, the energy technology business spun out from German manufacturing giant Siemens, has confirmed it has been breached, while French engineering company Schneider Electric, is investigating after its name was posted on Cl0p’s dark web blog.
Siemens Energy and Schneider Electric victims of MOVEit supply chain attack
A spokesperson for Siemens Energy, which reported revenue of €32bn last year, said the company has been impacted by what it describes as a “global security incident”. They added that “based on the current analysis no critical data has been compromised and our operations have not been affected”, saying: “We took immediate action when we learned about the incident.”
Schneider Electric, meanwhile, says it is investigating the claims made on the blog.
These two companies join an ever-growing list of victims of the vulnerability in MOVEit Transfer, a popular file transfer software used to move information securely. Publisher Progress Software disclosed the flaw three weeks ago and issued a patch, but it has already been widely exploited.
Earlier this month the BBC and British Airways admitted to being attacked, and the latest batch of victims posted on the Cl0p blog include the University of California, Los Angeles (UCLA) and pharmaceutical business AbbVie. UCLA stated briefly that its campus systems were unaffected and that “all of those who have been impacted have been notified”.
More MOVEit Transfer trouble ahead for the US public sector?
New York City’s school system has been impacted by, with the city Department for Education’s chief operating officer Emma Vadehra admitting in a letter to students and parents that the department has used MOVEit Transfer and is undertaking an investigation
“Review of the impacted files is ongoing, but preliminary results indicate that approximately 45,000 students, in addition to DOE staff and related service providers, were affected,” Vadehra wrote. “Roughly 19,000 documents were accessed without authorisation.” She added that 9,000 social security numbers may have been exposed.
More public sector organisations could be negatively impacted by the vulnerability, as many operate networks with unsecured devices, new research has revealed. Cybersecurity vendor Censys found hundreds of exposed devices within US government departments, according to research published on Monday, with the MOVEit Transfer vulnerability among several security flaws discovered.
The US Department of State and the FBI have posted a reward of up to $10m for information on the cybercriminals that form Cl0p.
Read more: Is the Wagner Group really getting into the ransomware business?
