FOLLOW US

Last week, many businesses, universities, and government agencies fell victim to a massive global cyberattack. Federal officials have linked the layered attacks to a Russian ransomware gang known as Clop.

In early June, Clop claimed responsibility for hacks targeting employee data at the BBC and British Airways. These may have been the first targets in the massive attacks.

CISA investigates

According to the US Cybersecurity and Infrastructure Security Agency (CISA), several federal agencies have been affected by the cyberattack. The agency is currently providing support to these agencies, which have experienced intrusions in their MOVEit applications.

 Eric Goldstein, the executive assistant director for cybersecurity at CISA, stated that urgent efforts are underway to assess the impact and ensure timely remediation.

While the full scope of the attack is still unknown, CISA officials report several federal agencies have been impacted. And authorities believe that numerous businesses may also be affected.

Federal and state entities attacked

State agencies in Louisiana and Oregon report data compromises. CISA has linked the broader hacking campaign, exploiting the same software vulnerability, to a large number of victims.

State governments in Minnesota and Illinois have also been affected. Furthermore, state agencies announced that 3.5 million Oregonians with driver's licenses or state ID cards, as well as individuals in possession of such documentation in Louisiana, had their information compromised.

Georgia's state-wide university system, comprising the University of Georgia and several other state colleges and universities, confirmed an investigation into the severity and scope of the cyberattack.

According to Brett Callow, a threat analyst at cybersecurity firm Emsisoft, Aon and The Boston Globe are also victims of the attack. 

Callow tweeted that there are now 63 confirmed known victims, in addition to an unspecified number of US government agencies. Aon stated that it is investigating an incident impacting its clients, while The Boston Globe did not provide immediate comments.

Academic institutions have not been spared either. Johns Hopkins University and its massive health system have reported potential theft of sensitive personal and financial information, including health billing records.

Clop operates on the dark web

Clop, the Russian ransomware gang behind the cybersecurity attack, is notorious for demanding multimillion-dollar payments from victims in exchange for not publishing the data they claim to have hacked.