Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Home Data Breach Shell Confirms MOVEit-based Hack After the Threat Group Leaks Data
CIOp MOVEit Attacks cybercrime gang Data Breach MFT MoveIt Hack Ransomware attack Ransomware group Shell

Shell Confirms MOVEit-based Hack After the Threat Group Leaks Data

CIOp, the Russia-based cybercrime gang has now started to expose its victim organizations that have refused to negotiate with its demands.
Sunday, July 09, 2023


The CIOp ransomware gang has targeted a zero-day vulnerability in the MOVEit managed file transfer (MFT) product, acquiring data of at least 130 companies that had been utilizing the solution. At least 15 million people are thought to have been affected as of now.

CIOp , the Russia-based cybercrime gang has now started to expose its victim organizations that have refused to negotiate with its demands. Apparently, the victims’ names have been exposed on its leak website, will Shell being the first company to be revealed.

Following the leak, Shell confirmed being affected by the MOVEit attack. In a statement published on Wednesday, the company clarified that the MFT software was “used by a small number of Shell employees and customers.”

“Some personal information relating to employees of the BG Group has been accessed without authorization,” it added.

Shell confirmed the incident only after the Cl0p hacking gang disclosed files allegedly taken from the company. The fact that the group made 23 archive files with the label "part1" public may indicate that they have access to more information.

Following this discloser, the ransomware gang added that they did so since the company refused to negotiate.

However, it is yet not particularly clear of what information has been compromised. Although, the firm confirmed to have informed the affected victims.

Moreover, toll-free phone numbers have been made available to employees in in Malaysia, South Africa, Singapore, Philippines, UK, Canada, Australia, Oman, Indonesia, Kazakhstan, and Netherlands. Thus, indicating that the affected individuals are more likely to be from these countries.

Since no file-encrypting software was used in the attack, Shell noted that "this was not a ransomware event" and that there is no proof that any other IT systems were impacted.

It is worth mentioning that this was not the first time that Shell has been targeted by the CIOs group, since in 2020 the threat actors targeted the company’s Accellion file transfer service. The company noted that during this hack the hackers stole their personal and corporate data.

Some of the other notable companies targeted by the latest MOVEit exploit includes Siemens Energy, Schneider Electric, UCLA, and EY.

It has also been confirmed by some government organizations that they as well were impacted by the hack, while the ransomware group claims to have deleted all the data acquired from such entities.  

Tags: CIOp MOVEit Attacks cybercrime gang Data Breach MFT MoveIt Hack Ransomware attack Ransomware group Shell
Share it:

CIOp MOVEit Attacks

cybercrime gang

Data Breach

MFT

MoveIt Hack

Ransomware attack

Ransomware group

Shell