The Clop ransomware group made headlines by launching a series of data theft attacks, targeting organizations across the globe.
“The U.S. educational nonprofit, the National Student Clearinghouse, recently disclosed a data breach affecting 890 schools using its services across the United States.
In a notification letter sent to the Office of the California Attorney General, Clearinghouse reported that unauthorized individuals had gained access to its MOVEit managed file transfer (MFT) server on May 30 and stolen files containing a wide range of personal information.
Shortly thereafter, Clearinghouse stated, “We received an alert from our third-party software provider, Progress Software, about a cybersecurity issue linked to their MOVEit Transfer solution on May 31, 2023.” In response, Clearinghouse promptly initiated an investigation with the assistance of leading cybersecurity experts and collaborated closely with law enforcement.
Among the pilfered documents were personally identifiable information (PII), including names, birthdates, contact information, Social Security numbers, student ID numbers, and certain school-related records like enrollment records, degree records, and course-level data.
Moreover, the data breach notification letters reveal that the exposed data varies for each affected individual. For more details, you can find the complete list of educational institutions impacted by this significant data breach here.
In addition to its primary role, Clearinghouse provides a range of essential services, including educational reporting, data exchange, verification, and research services to approximately 22,000 high schools and about 3,600 colleges and universities. The organization proudly reports that it serves nearly 97% of students in both public and private institutions.”
Clop’s Advanced Hacking Techniques
The Clop ransomware group initiated extensive data theft attacks on May 27 by exploiting a zero-day security vulnerability in the MOVEit Transfer secure file transfer platform.
Subsequently, starting from June 15, these cybercriminals began extorting affected organizations, publicly revealing their names on the group’s dark web data leak site.
As a result, the repercussions of these assaults are expected to affect hundreds of organizations worldwide. Many of them have already taken action by notifying their affected customers over the past four months.
Despite the wide range of potential victims, it’s worth noting that Coveware’s estimates suggest that only a limited number are likely to comply with Clop’s ransom demands. Nevertheless, the cybercrime group is projected to collect an estimated $75-100 million in payments due to the high ransom demands.
Additionally, reports have surfaced revealing that multiple U.S. federal agencies and two entities within the U.S. Department of Energy (DOE) have fallen prey to these data theft and extortion attacks.