UCLA confirmed this week that it is among dozens of institutions and companies that had data stolen in a cyber attack that government officials have blamed on a ransomware gang known as “CL0P.”
“The university notified the FBI and worked with external cybersecurity experts to investigate the matter and determine what happened, what data was impacted and to whom the data belongs,” a UCLA spokesperson told the I-Team. The spokesperson declined to be interviewed or to answer questions about what kind of data was stolen or who on the campus may have been affected.
According to bulletins from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI, beginning in May 2023, thieves tied to the CL0P group used a previously unknown software vulnerability, also known as a ‘zero day’ exploit, to infect applications that interface with a file transfer system known as “MOVEit.”
“Internet-facing MOVEit Transfer web applications were infected with a specific malware used by CL0P, which was then used to steal data from underlying MOVEit Transfer databases,” CISA said in early June.
MOVEit’s owner, Progress Software, said it has been helping its customers patch the vulnerabilities and assisting authorities with investigating the theft.
“We have engaged with federal law enforcement and other agencies and are committed to playing a collaborative role in the industry-wide effort to combat increasingly sophisticated and persistent cybercriminals intent on maliciously exploiting vulnerabilities in widely used software products,” an unnamed spokesperson for Progress Software emailed Tuesday.
The CL0P group is believed to be based in Russia or Eastern Europe, and has claimed responsibility for numerous cyber attacks that typically lead to demands for ransom payments, security researcher Brett Callow with the firm Emsisoft told the I-Team.
“They are an extortion organization, they steal data, and demand money,” Callow said. “They have hit hundreds of organizations over the years, sometimes en masse, and have breached other file transfer platforms in the past.”
He said the group’s posts about this theft have identified more than 130 victim organizations, and related disclosures from some of the victims have indicated the stolen files may include information about more than 15 million individuals.
“These file transfer platforms and other services that companies use are potentially a gold mine to cyber criminals,” Callow said. “Normally if they hack their way into a company they’ve only got one attempt at extortion. If they manage to breach one of these file transfer applications, they can potentially have hundreds of victims.”