The risk analysis firm Kroll discovered a significant zero-day vulnerability by the end of May 2023. The subsequent attack on MOVEit software, a business unit of Progress Software, by the notorious Clop ransomware gang sent shockwaves through the cybersecurity community.
On June 7th, the Clop ransomware gang boldly announced on its blog that it had successfully infiltrated the servers of MOVEit software through Zellis Payroll software. This breach compromised organizations worldwide, leaving a considerable number of victims in its wake.
Organizations Impacted by the Attack
- The US Department of Energy
- Shell company
- First National Bankers Bank
- Putnam Investments
- Datasite
- Swiss insurance company ‘OKK’
- Leggett & Platt
- Multinational firm PricewaterhouseCoopers (PwC)
- Ernst & Young
- Health Services Ireland
- BBC
- British Airways
- Boots Retail
- Medibank
- Rochester Hospital
- GreenShield Canada
- National Student Clearinghouse
- United Healthcare Student Resources
- University System of Georgia
- German brand Heidelberg
- Aer Lingus
- Government of Nova Scotia
- Johns Hopkins University
- Ofcom
- Transport for London (TfL)
Microsoft, in its investigations, confirmed the involvement of Clop ransomware suspects with ties to Russian intelligence. This revelation further highlighted the potential targeting of health organizations and financial institutions by the malevolent gang. The threat of file-encrypting malware and double-extortion tactics continues to grow, underscoring the urgency to bolster cybersecurity measures.