Over 2,000 Entities Hit by Cl0p Ransomware Group Exploiting MOVEit Vulnerability

September 29, 2023

The Cl0p ransomware group has exploited a vulnerability in the MOVEit file transfer solution, impacting more than 2,000 organizations and over 60 million individuals, according to data released by cybersecurity firm Emsisoft. These figures align closely with those shared by IT market research company KonBriefingResearch. Most of the affected organizations are based in the United States, with the finance, professional services, and education sectors being the most heavily hit.

A significant data breach disclosed this week involved the National Student Clearinghouse, a U.S. non-profit organization, and exposed information from nearly 900 American educational institutions.

In late May 2023, the Cl0p group exploited a widely reported SQL injection vulnerability (CVE-2023-34362) in the MOVEit file transfer solution, stealing sensitive data from a wide range of organizations. The victims include well-known corporations, governments (including several U.S. federal agencies and the U.S. Department of Energy), financial institutions, pension systems, and other public and private entities.

Over the past few months, the number of victims of the MOVEit vulnerability has been growing rapidly. The Cl0p group has abandoned the use of ransomware, choosing instead to simply extract sensitive data and threaten companies with its exposure unless a ransom is paid. Notably, this is the third time in three years that the Cl0p ransomware group has exploited zero-day vulnerabilities in web applications for extortion. Their targets have always been the 'security products' of well-known software companies.

Cl0p's significant success is likely to encourage imitation by other hacker groups, worsening an already serious threat landscape for application security and the software supply chain.
