Home Security US confirms MOVEit breach, as hackers name additional victims for these federal agencies

US confirms MOVEit breach, as hackers name additional victims for these federal agencies

0
US confirms federal agencies hit by MOVEit breach, as hackers list more victims-bhavintechglobal.com

The American government has verified that a number of governmental institutions have been the target of cyberattacks that took advantage of a popular file transfer tool’s security flaw.

CISA acknowledged to TechCrunch in a statement that “several” U.S. government entities had incursions as a result of the exploitation of a flaw in Progress Software’s enterprise file transfer application MOVEit Transfer. The organisation also linked the attacks to the Russia-related Clop ransomware gang, which this week began publishing the names of the companies it says it has breached via the MOVEit vulnerability.

The attacks, which were first reported by CNN, affected an unknown number of agencies, but CISA did not identify them. However, the Department of Energy confirmed to TechCrunch that two of its entities were among those breached. 

According to a DoE spokesperson, “DOE took immediate action to prevent further exposure to the vulnerability and notified the Cybersecurity and Infrastructure Security Agency (CISA) upon learning that records from In the widespread cyberattack on the file-sharing programme MOVEit Transfer, two DOE organisations were compromised. The Department is investigating the incident and working to mitigate the consequences of the breach. has alerted Congress and is collaborating with law enforcement, CISA, and the affected companies.

The Federal News Network reports that the two DOE entities affected by the vulnerability are Oak Ridge Associated Universities and a waste isolation pilot plant in New Mexico, which exposed “the potentially tens of thousands of individuals’ personally identifiable information, including Energy employees and contractors.”

According to the Federal Data Procurement System, MOVEit contracts are now active with about a dozen other U.S. agencies. The Food and Drug Administration, the Department of the Army, and the Department of the Air Force are included in this.

Director of CISA Jen Easterly stated during a news conference on Thursday regarding the MOVEit vulnerability that the cybersecurity organisation is “urgently working with affected agencies to understand impacts and ensure timely remediation.” The theft of data may or may not have already occurred, but Easterly went on to say that the attacks are not being used to “either to create an enduring presence in the systems they are targeting or to steal specific high value information.

 In conclusion, this attack is mostly opportunistic from what we can see, Easterly stated. “In addition, we are not aware of any Clop actors threatening to extort or release any data stolen from U.S. government agencies.”

Clop stated that federal data had been deleted and that no government entities had yet been named as victims in a recent update published to its dark web leak site.

The Boston Globe, the East Western Bank in California, the biotechnology company Enzo Biochem in New York, and the Microsoft-owned AI company Nuance are among the many victims that Clop has listed as having been affected by the MOVEit vulnerability.

According to Lynn Granito, a spokeswoman for the agency that represents Enzo, the business won’t be making any comments. The other newly listed businesses have not replied to TechCrunch’s inquiries. 

Just one day earlier, the ransomware gang with ties to Russia revealed the initial list of affected companies, which included the U.S.-based financial services companies 1st Source and First National Bankers Bank as well as the U.K. energy giant Shell. 

Progress Software has scrambled to remedy a fresh vulnerability affecting MOVEit Transfer as more victims are discovered. According to Progress’ alert, this vulnerability, identified as CVE-2023-35708, could allow unauthorised access to client environments.

LEAVE A REPLY

Please enter your comment!
Please enter your name here