SoatDev IT Consulting
SoatDev IT Consulting
  • About us
  • Expertise
  • Services
  • How it works
  • Contact Us
  • News
  • June 16, 2023
  • Rss Fetcher

The U.S. government has confirmed that multiple federal agencies have fallen victim to cyberattacks exploiting a security vulnerability in a popular file transfer tool.

In a statement shared with TechCrunch, CISA confirmed that “several” U.S. government agencies have experienced intrusions related to the exploitation of a vulnerability in MOVEit Transfer, an enterprise file transfer tool developed by Progress Software. The agency also attributed the attacks to the Russia-linked Clop ransomware gang, which this week started posting the names of organizations it claims to have hacked by exploiting the MOVEit flaw.

CISA did not say how many agencies were impacted by the attacks, which CNN first reported, and didn’t name the agencies affected. However, the Department of Energy confirmed to TechCrunch that two of its entities were among those breached. 

“Upon learning that records from two DOE entities were compromised in the global cyberattack on the file-sharing software MOVEit Transfer, DOE took immediate steps to prevent further exposure to the vulnerability and notified the Cybersecurity and Infrastructure Security Agency (CISA),” a DoE spokesperson said. “The Department has notified Congress and is working with law enforcement, CISA, and the affected entities to investigate the incident and mitigate impacts from the breach.”

According to the Federal News Network, Oak Ridge Associated Universities and a Waste Isolation Pilot Plant located in New Mexico were the two DOE entities impacted by the vulnerability, exposing “the personally identifiable information of potentially tens of thousands of individuals, including Energy employees and contractors.”

Around a dozen other U.S. agencies have active MOVEit contracts, according to the Federal Data Procurement System. This includes the Department of the Army, the Department of the Air Force and the Food and Drug Administration.

In a press conference on Thursday addressing the MOVEit vulnerability, CISA director Jen Easterly said the cybersecurity agency is working with impacted agencies “urgently to understand impacts and ensure timely remediation.” While it’s not yet known whether data has been stolen, Easterly added that the intrusions are not being leveraged to “steal specific high value information” or to gain persistence into targeted systems.

“In sum, as we understand it, this attack is largely an opportunistic one,” Easterly said. “In addition, we are not aware of Clop actors threatening to extort or release any data stolen from U.S. government agencies.”

In a new update posted to its dark web leak site, Clop claimed that government data had been erased and no government agencies have yet been listed as victims.

However, Clop has added another batch of victims that it claims to have compromised via the MOVEit vulnerability, including the Boston Globe, California-based East Western Bank, New York-based biotechnology company Enzo Biochem and Microsoft-owned AI firm Nuance. None of the newly listed companies have responded to TechCrunch’s questions. 

The Russia-linked ransomware group posted the first batch of impacted organizations – a list that includes U.S.-based financial services organizations 1st Source and First National Bankers Bank and U.K. energy giant Shell – just one day earlier. 

As new victims continue to come to light, Progress Software has rushed to patch a new vulnerability impacting MOVEit Transfer. This vulnerability, tracked as CVE-2023-35708, could lead to unauthorized access to customer environments, Progress warned in its advisory.

Ransomware is a global problem that needs a global solution

US confirms federal agencies hit by MOVEit breach, as hackers list more victims by Carly Page originally published on TechCrunch

Previous Post
Next Post

Recent Posts

  • Trump pulls Musk ally’s NASA Administrator nomination
  • Left-leaning influencers embrace Bluesky without abandoning X, Pew says
  • NAACP calls on Memphis officials to halt operations at xAI’s ‘dirty data center’
  • Meta plans to automate many of its product risk assessments
  • The ellipse hidden inside Pascal’s triangle

Categories

  • Industry News
  • Programming
  • RSS Fetched Articles
  • Uncategorized

Archives

  • May 2025
  • April 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023

Tap into the power of Microservices, MVC Architecture, Cloud, Containers, UML, and Scrum methodologies to bolster your project planning, execution, and application development processes.

Solutions

  • IT Consultation
  • Agile Transformation
  • Software Development
  • DevOps & CI/CD

Regions Covered

  • Montreal
  • New York
  • Paris
  • Mauritius
  • Abidjan
  • Dakar

Subscribe to Newsletter

Join our monthly newsletter subscribers to get the latest news and insights.

© Copyright 2023. All Rights Reserved by Soatdev IT Consulting Inc.