Communications regulator Ofcom says data on workers and controlled communications corporations was stolen by the Clop gang
By
Alex Scroxton, Security Editor
Published: 12 Jun 2023 16:06
UK communications regulator Ofcom has revealed it’s among the many organisations to have been compromised by the Russian-speaking Clop cyber crime gang following its exploit of a SQL injection vulnerability in Progress Software’s MOVEit Transfer managed file switch service.
Ofcom confirmed earlier at this time {that a} “limited amount” of details about corporations it regulates – a few of it confidential – alongside the private data of 412 of its personal workers, was downloaded in the attack.
“The security of commercially confidential and sensitive personal information provided to Ofcom is taken extremely seriously,” an Ofcom spokesperson mentioned.
“We took fast motion to forestall additional use of the MOVEit service and to implement the really useful safety measures. We additionally swiftly alerted all affected Ofcom-regulated corporations, and we proceed to supply help and help to our colleagues.
“No Ofcom systems were compromised during the attack,” they added.
NordVPN chief know-how officer Marijus Briedis commented: “Stealing private and firm data from underneath the nostril of the UK’s media regulator will likely be one other feather in the cap of the cyber criminals behind the MOVEit hack.
“The giant scale of the attack and high-profile victims just like the BBC, British Airways and now Ofcom suggests this was meticulously deliberate….
“Stealing personal and company data from under the nose of the UK’s media regulator will be another feather in the cap of the cyber criminals behind the MOVEit hack” Marijus Briedis, NordVPN
Briedis added: “This significant data heist will raise the attackers’ profile within the competitive ransomware-for-hire market that exists on the dark web. It also shows the ongoing risk of supply chain attacks on the UK, with opportunistic hackers looking to prey upon third-party services as a path to landing a big fish further down the line.”
As the clock ticks nearer to Clop’s deadline for victims to contact it – lest they discover their data leaked on-line – particulars of extra victims proceed to emerge.
Ireland’s Health Service Executive (HSE) – beforehand the sufferer of a significant ransomware attack by the Conti cyber crime syndicate – is amongst these to have disclosed a breach following the attack.
Like a variety of different victims, the HSE was compromised in a so-called provide chain attack by way of the methods of an exterior service supplier that used MOVEit Transfer, in this case skilled companies agency EY.
Progress Software’s woes proceed
Prior to the weekend, Progress Software, the corporate behind MOVEit, disclosed one other vulnerability in the product, uncovered with the assistance of third-party researchers, which can have an identical impression.
A patch for this vulnerability was launched on 9 June. MOVEit Transfer customers can discover extra particulars in regards to the vulnerability right here.
Read extra on Data breach incident administration and restoration
Progress Software releases patch for second MOVEit Transfer vulnerability
By: Alex Scroxton
Extreme Networks emerges as sufferer of Clop MOVEit attack
By: Alex Scroxton
Barracuda ESG customers instructed to throw away their {hardware}
By: Alex Scroxton
Risk & Repeat: Moveit Transfer flaw triggers data breaches
