430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Clop group obtained access to the email addresses of about 632,000 US federal employees

Clop ransomware gang gained access to the email addresses of more than 632K US federal employees at the departments of Defense and Justice. Russian-speaking Clop ransomware group gained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice. The security breach is the result of the MOVEit […]

Clop ransomware Office of Personnel Management

Office of Personnel Management in Washington, D.C. Credit: Another Believer via Wikimedia Commons.

Clop ransomware gang gained access to the email addresses of more than 632K US federal employees at the departments of Defense and Justice.

Russian-speaking Clop ransomware group gained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice. The security breach is the result of the MOVEit hacking campaign that took place this summer. The MOVEit campaign also targeted additional US agencies, including the Department of Health and Human Services, the Department of Agriculture, and the General Services Administration.

The news of the attacks on the government departments was reported by federal cybersecurity officers to the House Science, Space and Technology Committee in July.

A report written by the US Office of Personnel Management, and obtained through a Freedom of Information Act request, provides more details about the attacks.

“The Office of Personnel Management, in a July report on the incident submitted to a congressional committee, said an unauthorized actor obtained access to government email addresses, links to government employee surveys administered by OPM and internal OPM tracking codes.” states Bloomberg. “The impacted employees were at the Department of Justice and various parts of the Defense Department: the Air Force, Army, US Army Corps of Engineers, the Office of the Secretary of Defense, the Joint Staff and Defense Agencies and Field Activities.

The Office of Personnel Management labeled the security breach as a “major incident,” however, at the time the government agency downplayed the risk of homeland security because the compromised data was “generally of low sensitivity” and not classified.

The report confirmed that attackers gained access to the data by exploiting the MOVEit flaw in a system used by Westat Inc., which is a service provider of OPM.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)