Encircle News!

Retro Game Arcade
, , , ,

Ofcom says it won’t pay ransom, as new MOVEit hack victims come forward

Carly Page

More victims of the mass-hacks targeting users of MOVEit Transfer, a popular file-transfer application, are coming forward as the number of known impacted organizations reaches almost 400.

U.S. cosmetics giant Estée Lauder said in a statement that an unauthorized third-party “gained access” to some of the company’s systems and obtained data, but did not share any further details — or publicly link the incident to MOVEit.

The Russia-linked Clop ransomware gang, which has taken credit for the MOVEit mass-hacks, said it stole gigabytes of company data plus Estée Lauder archives. Separately, the company was also listed by another ransomware gang.

Other victims to show up on Clop’s leak site this week included the U.K. government’s communications regulator Ofcom, and the Commission for Communications Regulation, or ComReg, the general communications regulator for Ireland.

Ofcom spokesperson Harry Rippon told TechCrunch that as the regulator confirmed last month, it believes that the personal data of 412 employees was downloaded during the attack. “No payroll data was breached,” said the spokesperson. “This affected Ofcom employees who had changed their benefits or who were new joiners.” Ofcom said it “has not made any payment, as per advice from the National Cyber Security Centre.”

ComReg declined to answer TechCrunch’s questions.

While Clop listed both Ofcom and ComReg on Tuesday, both organizations have since been removed from the leak site. The reason behind the removal is not known, but Clop claims it deletes government-related data that it steals.

This could also be the reason that U.S. government agencies impacted by the mass-hacks have not yet been listed. In a statement shared with TechCrunch last month, U.S. cybersecurity agency CISA said that “several” U.S. government agencies experienced intrusions related to the MOVEit breach. The U.S. Department of Energy confirmed that two of its entities were among those breached.

While Clop appears to have backtracked on its threats to leak Ofcom and ComReg data, the gang is threatening to publish data stolen from consultancy giant Ernst & Young and stockbroker TD Ameritrade. The hacking group also published a huge cache of data allegedly stolen from British multinational professional services brand PwC’s clients. PwC was first listed by Clop last month but at the time declined to answer TechCrunch’s questions.

In a statement provided to TechCrunch this week, PwC spokesperson Mike Davis confirmed that the company is “working with impacted clients” and no longer uses the MOVEit file-transfer platform. PwC declined to say how many clients had been impacted or what types of data had been stolen.

Clop also listed several other companies on its dark leak site, including a U.S. airline, a Canadian tech company, and a U.K. payments cybersecurity firm. None of these companies responded to TechCrunch’s questions.

It’s unlikely that the number of organizations — or individuals — impacted by the MOVEit mass-hacks will be known for some time.

According to the latest data from Brett Callow, threat analyst at Emsisoft, there are so far 381 known victims of the MOVEit attacks, impacting the personal data of almost 20 million individuals. However, he told TechCrunch that “based on the average number of individuals per breach and the number of orgs we know have been impacted but not yet confirmed, the potential total of individuals could be 85,955,498.”

“But, of course, there’s lots of orgs we don’t yet know about,” Callow added.

Banks, hotels and hospitals among latest MOVEit mass-hack victims

https://techcrunch.com/2023/07/20/ofcom-comreg-moveit-hacks/

Follow Us

Featured Posts

November 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  

About Us

Welcome to encircle News! We are a cutting-edge technology news company that is dedicated to bringing you the latest and greatest in everything tech. From automobiles to drones, software to hardware, we’ve got you covered.

At encircle News, we believe that technology is more than just a tool, it’s a way of life. And we’re here to help you stay on top of all the latest trends and developments in this ever-evolving field. We know that technology is constantly changing, and that can be overwhelming, but we’re here to make it easy for you to keep up.

We’re a team of tech enthusiasts who are passionate about everything tech and love to share our knowledge with others. We believe that technology should be accessible to everyone, and we’re here to make sure it is. Our mission is to provide you with fun, engaging, and informative content that helps you to understand and embrace the latest technologies.

From the newest cars on the road to the latest drones taking to the skies, we’ve got you covered. We also dive deep into the world of software and hardware, bringing you the latest updates on everything from operating systems to processors.

So whether you’re a tech enthusiast, a business professional, or just someone who wants to stay up-to-date on the latest advancements in technology, encircle News is the place for you. Join us on this exciting journey and be a part of shaping the future.

Podcasts

TWiT 1007: All the Hotdogs in the World – China's 'Salt Typhoon' Hack, Google on the Chopping Block, Recall AI This Week in Tech (Audio)

In this episode of This Week in Tech, the panel tackles the "biggest hack in US history," the future of AI, and the role of government in tech. From the Chinese hack's implications to Microsoft's AI-powered Recall, the Supreme Court's tech-related cases, and the push for social media age verification, Leo Laporte, Patrick Beja, Wesley Faulkner, and Alex Wilhelm provide insightful analysis and lively discussion on the most pressing issues facing the industry today. China's "Salt Typhoon" hack, dubbed the "worst hack in our nation's history," which compromised US telecommunications infrastructure and allowed surveillance of high-profile individuals The panel debates the challenges of securing outdated infrastructure and the role of government in regulating tech companies DOJ's push for Google to sell off Chrome to break its search monopoly, and the potential implications for competition and innovation Alex Wilhelm's article "If you like startups, you should love anti-trust" and the importance of fostering competition in the tech industry Microsoft's Windows 365 Link, a $349 mini PC that streams Windows from the cloud, and the potential for thin client computing Microsoft's Recall AI feature, which records and indexes users' screen activity, raising security concerns but offering potential benefits for users The Supreme Court's involvement in cases related to Facebook's Cambridge Analytica data breach and the fate of America's low-income broadband fund The panel also discusses their personal experiences with parenting in the digital age and the challenges of balancing screen time, privacy, and education for children Meta's push for Apple and Google to verify users' ages on social media platforms, and the challenges of implementing effective age verification while protecting user privacy Amazon's talks with Instacart, Uber, Ticketmaster, and others to enhance its AI-powered Alexa assistant Spirit Airlines filing for bankruptcy amidst financial losses and mounting debt payments Alex laments the addition of ads to Amazon Prime Video and the panel debates the tradeoffs of bundled subscription services Host: Leo Laporte Guests: Patrick Beja, Wesley Faulkner, and Alex Wilhelm Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: Melissa.com/twit shopify.com/twit veeam.com lookout.com bitwarden.com/twit
  1. TWiT 1007: All the Hotdogs in the World – China's 'Salt Typhoon' Hack, Google on the Chopping Block, Recall AI
  2. TWiT 1006: Underwater Alien Civilizations – Bluesky Growth, Tyson Vs. Paul, AI Granny
  3. TWiT 1005: $125,000 in Baguettes – iPod Turns 23, The $1.1M AI Painting, Roblox
  4. TWiT 1004: Embrace Uncertainty – Political Texts, Daylight Saving Time, Digital Ad Market
  5. TWiT 1003: CrabStrike – Delta Sues Crowdstrike, Hospital AI, Surge Pricing