MOVEit leak: CLOP group leaks another 30 company names

B2B Cyber ​​Security ShortNews

Share post

It's like a bottomless pit: in just one week, the CLOP group has leaked another 30 company names that are said to be victims of the attack on the MOVEit vulnerability. Now there are well over 80 victims, some of whom are prominent. Much of the data is already completely online.

The currently published list has now grown to 82 names. Most company names are international and not based in Germany. The group of users weeks ago, the vulnerable software solution MOVEit for data exchange is smaller in Germany than initially assumed. Nevertheless, experts speak privately of a good 100 victims, most of whom do not appear in any list - not even in the CLOP group.

Already 82 victims online in the pillory

The list Although compared to previous reports getting longer and longer, but at the same time the list of non-payers is also getting longer and longer. The group rages in a block of text that the companies are letting their customers down. Parts of their data packages are currently available for download from 30 companies on the dark web. In addition, there are more and more entries with the publication of the entire data. The supposedly stolen data of 20 companies can currently be found on the Darknet.

The ratio of non-payers with 50 to 82 victims would not be bad at all. However, there is probably a high number of unreported companies that paid immediately and do not even appear in the list. According to CLOP, companies such as Heidelberger Druckmaschinen AG, Shell, the Boston Globe, security software manufacturer NortonLifeLock, Sony, the auditors Ernst & Young and PWC, and the insurer Zurich did not pay. Good this way.

More and more companies are not paying

It's good to see that many companies are not willing and paying for the deal. Because if CLOP already has the data, there is no guarantee that this data will not be resold. The damage for the companies only adds up if they also pay money for it.

Background to the MOVEit vulnerability: After the vulnerability became known, many companies have taken the MOVEit environment offlineto prevent unauthorized data access. Subsequent forensics revealed that before the MOVEit environment was shut down, many companies had been illicitly stealing data about this critical vulnerability.


Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

HeadCrab 2.0 discovered

The HeadCrab campaign against Redis servers, which has been active since 2021, continues to successfully infect targets with the new version. The criminals' mini-blog ➡ Read more