At the end of May 2023, a Zero Day vulnerability was discovered by risk analysing firm Kroll and on June 7th of this year, Clop ransomware gang published on its blog that they have gained access to the servers of MOVEit software via Zellis Payroll software and urged the victims to contact via the blog post, as their email response could go at snail pace as the number of victims related to the incident was large.
Going forward, let us list out the victims who have been impacted by the attack after the hack-ers gained control of Moveit file transfer software worldwide, a business unit of Progress Software.
1. The US Department of Energy,
2. Shell company,
3. First National Bankers Bank
4. Putnam Investments
5. Datasite
6. Swizz Insurance company ‘OKK’
7. Leggett & Platt
8. Multinational firm PricewaterhouseCoppers(Pwc)
9. Ernst & Young
10. Health Services Ireland
11. BBC
12. British Airways
13. Boots Retail
14. Medibank
15. Rochester Hospital
16. GreenShield Canada
17. Datasite
18. National Student Clearinghouse
19. United Healthcare Student Resources
20. University System of Georgia
21. German brand Heidelberg
22. Aer Lingus
23. Government of Nova Scatia
24. Johns Hopkins University
25. Ofcom
26. Transport for London (TfL)
27. Ernst and Young
NOTE- Microsoft has confirmed the presence of Clop ransomware suspects, linked to Russian intelligence behind the incident and reaffirmed that health organizations and financial institutions could be the next target of the notorious file encrypting malware spreading gang that is into double extortion.
The post List of victimized companies of MOVEit Cyber Attack appeared first on Cybersecurity Insiders.