According to the Cybersecurity and Infrastructure Security Agency (CISA), multiple US federal government agencies fell victim to a global hacking campaign that exploited a vulnerability in widely used file-transfer software.
This revelation adds to the growing number of entities in the US, UK, and other countries that were infiltrated through the software known as MOVEit Transfer. The hackers capitalized on a security flaw that was discovered by the software’s maker, Progress Software, in the previous month.
Global hacking campaign attacked several establishments in several countries
Eric Goldstein, CISA’s executive assistant director for cybersecurity, expressed the agency’s urgent efforts to assess the impacts and implement timely remediation measures. However, specific US agencies were affected and the extent of the damage was not disclosed by CISA.
In addition to the US agencies, British energy company Shell, Johns Hopkins University, Johns Hopkins Health System, and the University System of Georgia also reported being targeted in separate statements.
Shell’s spokesperson, Anna Arata, mentioned that only a small number of Shell employees and customers utilize MOVEit Transfer. She reassured people that there was no evidence of any impact on Shell’s core IT systems. The company is currently conducting an urgent investigation to determine the potential data compromised, considering there are approximately 50 users of the tool.
From Shell to John Hopkins University, several organisations attacked
Johns Hopkins University acknowledged the recent cyber attack on their networks and the networks of numerous other large organizations worldwide. They are currently investigating the incident.
The University System of Georgia, which comprises 26 public colleges, stated that they are evaluating the extent and seriousness of the potential data exposure resulting from the MOVEit hack.
Notably, several prominent organizations in the UK, including the telecom regulator, British Airways, the BBC, and Boots pharmacy chain, were also identified as victims last week. The UK telecom regulator confirmed that data was stolen from their systems, while the personal information of tens of thousands of employees from British Airways, Boots, and the BBC was exposed.
Extent of damage unknown
Despite the breach, CISA Director Jen Easterly reassured that the United States does not anticipate any significant consequences from the incident. However, it is now yet known whether the hackers were able to get away with any data theft or other kind of damage.
MOVEit Transfer is commonly utilized by organizations to facilitate file transfers between their partners or customers. A representative from MOVEit mentioned that the company is collaborating with federal law enforcement and assisting customers in implementing necessary fixes to their systems.
Read all the Latest News, Trending News, Cricket News, Bollywood News,
India News and Entertainment News here. Follow us on Facebook, Twitter and Instagram.
0 Comments: