Over 2,000 Entities Hit by Cl0p Ransomware Group Exploiting MOVEit Vulnerability

September 29, 2023

The Cl0p ransomware group has exploited a vulnerability in the MOVEit file transfer solution, impacting more than 2,000 organizations and over 60 million individuals, according to data released by cybersecurity firm Emsisoft. These figures align closely with those shared by IT market research company KonBriefingResearch. Most of the affected organizations are based in the United States, with the finance, professional services, and education sectors being the most heavily hit.

A significant data breach event this week involved the National Student Clearinghouse, a U.S. non-profit organization, resulting in exposed information from nearly 900 American educational institutions.

In late May 2023, the Cl0p group took advantage of a popular SQL injection vulnerability (CVE-2023-34362) in the MOVEit file transfer solution, stealing sensitive data from a wide range of organizations. The victims include well-known corporations, governments (including several U.S. federal agencies and the U.S. Department of Energy), financial institutions, pension systems, and other public and private entities.

Over the past few months, the number of victims of the MOVEit vulnerability has been growing rapidly. The Cl0p group has abandoned the use of ransomware, choosing instead to simply extract sensitive data and threaten companies with its exposure unless a ransom is paid. Notably, this is the third time in three years that the Cl0p ransomware group has exploited zero-day vulnerabilities in web applications for extortion. Their targets have always been the 'security products' of well-known software companies.

Cl0p's significant success is likely to encourage imitation by other hacker groups, exacerbating the serious threat landscape facing application security and the software supply chain.

Related News

• Clop Ransomware Attack on BORN Ontario Child Registry Impacts 3.4 Million Individuals
• National Student Clearinghouse Data Breach Affects 900 US Schools
• Clop Ransomware Gang Targets Major North Carolina Hospitals
• Massive MOVEit Hack Affects Nearly 1,000 Organizations and 60 Million Individuals
• Rapid7 Report Highlights High ROI for Ransomware and Increasing Use of Zero-Day Exploits

Latest News

• Progress Software Issues Critical Alert for WS_FTP Server Vulnerability
• Cisco Calls on Administrators to Address Zero-Day IOS Software Vulnerability
• Google Addresses Fifth Actively Exploited Chrome Zero-Day of 2023
• Newly Unveiled RCE Exploit Chain Targets SharePoint Server
• Apple's macOS 14 Sonoma Addresses Over 60 Security Issues