Names, private details, company profiles, and confidential information regarding dozens or even hundreds of victims have been published by the popular hacker group Clop, which is holding all this data for ransom.
Such headlines are quite common these days, especially since everyone can access the dark web with no issues at all, while security standards don’t seem to be that high.
There have been reports of hacks on governmental buildings in Switzerland, the national health system in the UK, and so on. Recently, a hacker group known as Clop started posting all sorts of company names on its official website on the dark web.
So far, only 26 organizations have been mentioned, but the media believes there’s a much longer list waiting to be published. So far, no private or confidential details have been published.
But then, the group has mentioned universities and banks, as well as various firms, with the main purpose of pressuring them into paying. At the same time, some of the names on the list include federal bodies from the USA.
Official confirmations regarding the ransom requests
Quite often, such hacking claims lead nowhere. Most companies or institutions won’t negotiate whatsoever because they have no guarantee that the data will be destroyed if they pay. Therefore, they choose to focus on preventing further attacks rather than working on damage control.
In some cases, nothing ever happens. But in this particular case, the US Cybersecurity and Infrastructure Security Agency has released an official statement about it. The agency has admitted providing professional support to a few federal agencies that have been affected.
It looks like several agencies have faced intrusions that affected their applications, hence the necessity of further support. The agency hasn’t made any names public. At the same time, experts believe the data breach won’t have a serious impact on the victims.
But on the other hand, authorities have always tried to play such situations down. The mass hack has most likely affected hundreds of institutions, but the hack group Clop has only mentioned a few dozen on its website.
Meanwhile, about 50 organizations have admitted disruptions. Some of the companies mentioned on Clop’s website include organizations from the USA, Switzerland, Canada, Belgium, and Germany. Oil corporation Shell has admitted being one of the victims.
The story behind the hack
Clop is just one of the most popular ransomware gangs out there. There are plenty of names, and they often use their websites to name and shame various companies they manage to hack. They grab valuable information and leak it out in an attempt to force companies to pay.
In many cases, it doesn’t work. In other cases, when the damage is more significant, it’s actually a profitable tactic.
Once companies are named on the leak website, there will be a round of negotiations between hackers and company representatives. In order to prevent their data being leaked, companies sometimes pay good amounts of money.
Many times, there’s a deadline involved during the negotiations.
This is not Clop’s first such hacking campaign. In the past, the hack group has targeted other big companies and has even demanded millions of dollars to keep data private. Law enforcement officials advise victims against paying, as such actions would fuel further hacks.
Hackers targeted the MOVEit service
MOVEit is software designed to encrypt data and ensure safe transfers. It’s commonly used by companies from all over the world, including governmental organizations, yet most of the customers are based in the USA.
The hack was disclosed by MOVEit officials at the end of May.
Company representatives have alerted customers and provided a security update straight away, but for many customers, it was already too late. By the time the hack was discovered, hackers had already grabbed plenty of private information.
Zellis, a payroll service provider from the UK, was also among the MOVEit users. It was indirectly hacked as well. According to a press release, eight different organizations in the UK have had their private data stolen.
Some of the data includes national insurance numbers, banking details, and even home addresses. Zellis customers who have been affected include Boots, Aer Lingus, the BBC, and British Airways. Now, all these organizations affected both directly and indirectly are likely to start negotiating with Clop.
What happens now?
While the authorities do discourage victims from negotiating or paying money, the truth is such sensitive data can lead to serious consequences in the long run. Given the data stolen, hackers may have access to millions in bank accounts, as well as identity details.
It’s still early to tell where the investigation will lead, but at the moment, Clop seems to be in charge of all these databases that are likely to leak out or be sold for the right amount of money to the highest bidder.