US Government Confirms Federal Agencies Affected by MOVEit Breach, Hackers Expand List of Victims

 

jThe U.S. government has acknowledged that several federal agencies have been targeted in cyberattacks that exploit a security vulnerability found in a popular file transfer tool.
The Cybersecurity and Infrastructure Security Agency (CISA) confirmed the intrusions in a statement provided to TechCrunch. The attacks were attributed to the Clop ransomware gang, believed to be linked to Russia. The group recently began revealing the names of organizations it claims to have hacked by exploiting the vulnerability in the file transfer tool, called MOVEit Transfer, developed by Progress Software.
The exact number of affected agencies was not disclosed by CISA, though CNN was the first to report on the attacks. The agencies impacted were not named, but the Department of Energy confirmed that two of its entities were breached. 
The Federal News Network identified Oak Ridge Associated Universities and a Waste Isolation Pilot Plant in New Mexico as the affected entities. These breaches exposed the personally identifiable information of potentially tens of thousands of individuals, including Energy employees and contractors.
“Upon learning that records from two DOE entities were compromised in the global cyberattack on the file-sharing software MOVEit Transfer, DOE took immediate steps to prevent furthe

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: