June 28, 2023, updated 03 Jul 2023 1:19pm

Siemens Energy and Schneider Electric join rapidly growing list of MOVEit Transfer vulnerability victims

The two companies have appeared on ransomware gang Cl0p's dark web blog. Other public and private sector organisations are likely to follow.

By Claudia Glover

Siemens Energy and Schneider Electric have joined the growing list of apparent victims of the MOVEit Transfer vulnerability, currently being exploited by Russian ransomware gang Cl0p, which is now thought to have impacted more than 100 organisations around the world.

Siemens among new victims of MOVEit hack. (Photo by JPstock/Shutterstock)

Siemens Energy, the energy technology business spun out from German manufacturing giant Siemens, has confirmed it has been breached, while French engineering company Schneider Electric is investigating after its name was posted on Cl0p’s dark web blog.

Siemens Energy and Schneider Electric victims of MOVEit supply chain attack

A spokesperson for Siemens Energy, which reported revenue of €32bn last year, said the company has been impacted by what it describes as a “global security incident”. They added that “based on the current analysis no critical data has been compromised and our operations have not been affected”, saying: “We took immediate action when we learned about the incident.”

Schneider Electric, meanwhile, says it is investigating the claims made on the blog.

These two companies join an ever-growing list of victims of the vulnerability in MOVEit Transfer, a popular file transfer software used to move information securely. Publisher Progress Software disclosed the flaw three weeks ago and issued a patch, but it has already been widely exploited.

Earlier this month the BBC and British Airways admitted to being attacked, and the latest batch of victims posted on the Cl0p blog include the University of California, Los Angeles (UCLA) and pharmaceutical business AbbVie. UCLA stated briefly that its campus systems were unaffected and that “all of those who have been impacted have been notified”.

More MOVEit Transfer trouble ahead for the US public sector?

New York City’s school system has also been impacted, with the city Department for Education’s chief operating officer Emma Vadehra admitting in a letter to students and parents that the department has used MOVEit Transfer and is undertaking an investigation.


“Review of the impacted files is ongoing, but preliminary results indicate that approximately 45,000 students, in addition to DOE staff and related service providers, were affected,” Vadehra wrote. “Roughly 19,000 documents were accessed without authorisation.” She added that 9,000 social security numbers may have been exposed.

More public sector organisations could be negatively impacted by the vulnerability, as many operate networks with unsecured devices, new research has revealed. Cybersecurity vendor Censys found hundreds of exposed devices within US government departments, according to research published on Monday, with the MOVEit Transfer vulnerability among several security flaws discovered.

The US Department of State and the FBI have posted a reward of up to $10m for information on the cybercriminals that form Cl0p.
