The names and company profiles of dozens of victims of a global mass hack have been revealed by a group of cybercriminals holding their stolen data for ransom. On Wednesday, the Clop hacker group began posting the company’s name on its darknet website.
26 institutions, including banks and universities, were added to pressure victims to pay.
United States federal agencies have also been listed. CNN was told by US Cybersecurity and Infrastructure Security Agency it “is providing support to a number of federal agencies that have been compromised affecting their MOVEit applications.”
It’s not clear which agencies were affected or what data was stolen, but cyber authorities said they don’t expect it to have a significant impact. Lot of organizations around the world have been affected by mass hack, with around 50 organizations so far confirmed by the companies themselves or by hackers.
On the so-called “leak site” of hackers, there are companies from the United States, Germany, Belgium, Switzerland and Canada.
Oil giant Shell went online on Wednesday and has since confirmed they are victims.
The BBC chose not to name other companies. Ransomware affiliated partners like Clop use their breached websites to ‘name and shame’ paying victims by posting company profiles. It’s a well-established and often profitable process.
“Once Clop names the companies on its data breach website, the team will initiate rounds of negotiations with the relevant organizations, demanding ransom payments to prevent their data from being hacked.”, said Clop.
Mr. Morgan said the hackers were hoping victims would get in touch and set a deadline before their data was made public. Clop is known for ransoming hundreds of thousands, sometimes millions of dollars, but police forces around the world discourage victims from paying because it abets these criminal gangs.
MOVEit hack was first announce, On May 31 American company Progress Software said hackers had found a way to break into their MOVEit Transfer tool. MOVEit is software designed to move sensitive files securely and is popular worldwide with most of its customers in the United States.
Customers of Progress Software were notified as soon as the hack was discovered and promptly released a downloadable security update. More criminals were able to access the databases of hundreds of other companies.
UK-based payroll service provider, Zellis, was a MOVEit user who was later hacked. Zellis confirmed that eight UK institutions had their data stolen, including home addresses, national insurance numbers and in some cases bank details. Not all companies have the same data.
Zellis customers that have been hacked include the BBC, British Airways, Aer Lingus and Boots.
