At the end of May 2023, a Zero Day vulnerability was discovered by risk analysing firm Kroll and on June 7th of this year, Clop ransomware gang published on its blog that they have gained access to the servers of MOVEit software via Zellis Payroll software and urged the victims to contact via the blog post, as their email response could go at snail pace as the number of victims related to the incident was large.
Going forward, let us list out the victims who have been impacted by the attack after the hack-ers gained control of Moveit file transfer software worldwide, a business unit of Progress Software. And more to be added to the list after confirmation.
- The US Department of Energy,
- Shell company,
- First National Bankers Bank
- Putnam Investments
- Datasite
- Swizz Insurance company βOKKβ
- Leggett & Platt
- Multinational firm PricewaterhouseCoppers(Pwc)
- Ernst & Young
- Health Services Ireland
- BBC
- British Airways
- Boots Retail
- Medibank
- Rochester Hospital
- GreenShield Canada
- Datasite
- National Student Clearinghouse
- United Healthcare Student Resources
- University System of Georgia
- German brand Heidelberg
- Aer Lingus
- Government of Nova Scatia
- Johns Hopkins University
- Ofcom Britain
- Transport for London (TfL)
- Ernst and Young
- Gen Digital, the parent company of Avast, Norton, AVG, Avira and LifeLock
- New York City Department of Education attack impacted about 45k students
- Siemens Energy
- Schneider Electric
- Shutterfly.com
- Dublin Airport staff info leak,
- Allegiant Air
- American Airlines
- Irelands commission of Communications Regulation
- Estee Lauder
- Sierra Wireless
- Bluefin Payment System
- TJX Companies
- Ventiv Technology
- Vitality Group International
- University of Alaska
- University of Colorado
- University of Dayton
- University of Delaware
- University of Idaho
- University of Illinois
- University of Loyola
- University of Missouri
- University of Oklahoma
- University of Rochester
- University of Southern Illinois
- University of Utah
- University of Wake Forest
- University of Washington State
- Webster University
- PBI Research Service
- Teachers Insurance and Annuity Association
- Honeywell
- American Multi Cinema Inc aka AMC Theatres
- Warner Bros
- Discovery
- Raddison Americas
- Crowe
- ING Bank
- Deutsche Bank
- Postbank
- Maximus
- Serco Inc
- Aristocrat
- Data Media Associates aka DMA
- Clorox ( yet to be confirmed officially),
- Colorado Department of Health Care Policy & Financing(HCPF).
- UMass Chan Medical School of Massachusetts health.
- Government of Nova Scotia, Canada
- Pole Emploi, France
NOTE- Microsoft has confirmed the presence of Clop ransomware suspects, linked to Russian intelligence behind the incident and reaffirmed that health organizations and financial institutions could be the next target of the notorious file encrypting malware spreading gang that is into double extortion. And in the latest MoveIt software attack, the gang is suspected to have raked around $100m as ransom from its long list of victims.
