A security flaw in the MOVEit file transfer application has allowed hackers to steal the personal information of more than 15.5 million people, and the number of impacted companies keeps rising.
A vulnerability in Progress Software's enterprise file transfer application MOVEit Transfer has been the focus of Clop ransomware assaults, which have so far claimed more than 140 victims. Only 10 of these victims have so far confirmed the number of those impacted, but there are already more than 15.5 million people infected, according to Brett Callow, a ransomware expert and security analyst at Emsisoft.
This includes roughly 6 million residents of Louisiana, about 770,000 California Public Employees' Retirement System members, between 2.5 and 2.7 million Genworth Finance clients, roughly 1.5 million Wilton Reassurance clients, more than 170,000 Tennessee Consolidated Retirement System beneficiaries, and more than half a million Talcott Resolution clients.
Callow claims that among the large-scale attacks was the National Student Clearinghouse, a nonprofit educational organisation in the United States, which could have experienced a "potentially significant" data loss. The company has a working relationship with 22,000 high schools, 3,600 colleges and institutions, and started contacting schools about the data breach.
He highlighted that at least seven of the known MOVEit victims are colleges in the United States, and 16 are public sector organisations in the United States.
According to Bloomberg, this includes the U.S. Department of Health and Human Services (HHS), which announced Wednesday that officials notified Congress of an event involving the exposure of more than 100,000 people.
The US Cybersecurity and Infrastructure Security Agency earlier stated that "several" US government agencies had been compromised as a result of the MOVEit transfer issue, and a spokeswoman for the Department of Energy confirmed that this included two DOE entities.
Clop, the group that claimed responsibility for the massive attacks, has added tens of new victims to their leak site this week alone, including banks, consulting and law firms, and energy conglomerates.
A spokesperson for Siemens Energy, Claudia Nehring, acknowledged to a local media site that the company is one of the targets of the MOVEit assaults.
"According to our current analysis, no critical data has been compromised, and our operations have not been impacted." "When we learned about the incident, we acted immediately," Nehring stated.
The exact number of organisations affected, and thus violated individuals, is unknown. Clop claims to have hacked "hundreds" of organisations in a post on its leak site, implying that more victims will be revealed in the following days and weeks.
In light of the latest wave of mass attacks, the United States State Department earlier this month offered a $10 million reward for information on the Clop ransomware group, a Russia-linked gang that was also responsible for previous mass-attacks that exploited flaws in Fortra's GoAnywhere file transfer tool and Accellion's file transfer application.
The vulnerability was fixed by MOVEit software was patched by May 31.