UK communications regulator Ofcom has revealed it’s among the many organisations to have been compromised by the Russian-speaking Clop cyber crime gang following its exploit of a SQL injection vulnerability in Progress Software’s MOVEit Transfer managed file switch service.
Ofcom confirmed earlier right this moment {that a} “limited amount” of details about firms it regulates – a few of it confidential – alongside the non-public data of 412 of its personal workers, was downloaded in the attack.
“The security of commercially confidential and sensitive personal information provided to Ofcom is taken extremely seriously,” an Ofcom spokesperson said.
“We took quick motion to forestall additional use of the MOVEit service and to implement the advisable safety measures. We additionally swiftly alerted all affected Ofcom-regulated firms, and we proceed to supply help and help to our colleagues.
“No Ofcom systems were compromised during the attack,” they added.
NordVPN chief expertise officer Marijus Briedis commented: “Stealing private and firm data from below the nostril of the UK’s media regulator might be one other feather in the cap of the cyber criminals behind the MOVEit hack.
“The giant scale of the attack and high-profile victims just like the BBC, British Airways and now Ofcom suggests this was meticulously deliberate….
“Stealing personal and company data from under the nose of the UK’s media regulator will be another feather in the cap of the cyber criminals behind the MOVEit hack” Marijus Briedis, NordVPN
Briedis added: “This significant data heist will raise the attackers’ profile within the competitive ransomware-for-hire market that exists on the dark web. It also shows the ongoing risk of supply chain attacks on the UK, with opportunistic hackers looking to prey upon third-party services as a path to landing a big fish further down the line.”
As the clock ticks nearer to Clop’s deadline for victims to contact it – lest they discover their data leaked on-line – particulars of extra victims proceed to emerge.
Ireland’s Health Service Executive (HSE) – beforehand the sufferer of a significant ransomware attack by the Conti cyber crime syndicate – is amongst these to have disclosed a breach following the attack.
Like numerous different victims, the HSE was compromised in a so-called provide chain attack through the programs of an exterior service supplier that used MOVEit Transfer, in this case skilled providers agency EY.
Progress Software’s woes proceed
Prior to the weekend, Progress Software, the corporate behind MOVEit, disclosed one other vulnerability in the product, uncovered with the assistance of third-party researchers, which can have an analogous influence.
