UK communications regulator Ofcom has revealed it is among the organisations to have been compromised by the Russian-speaking Clop cyber crime gang following its exploit of a SQL injection vulnerability in Progress Software’s MOVEit Transfer managed file transfer service.
Ofcom confirmed earlier today that a “limited amount” of information about companies it regulates – some of it confidential – alongside the personal data of 412 of its own employees, was downloaded in the attack.
“The security of commercially confidential and sensitive personal information provided to Ofcom is taken extremely seriously,” an Ofcom spokesperson said.
“We took immediate action to prevent further use of the MOVEit service and to implement the recommended security measures. We also swiftly alerted all affected Ofcom-regulated companies, and we continue to offer support and assistance to our colleagues.
“No Ofcom systems were compromised during the attack,” they added.
NordVPN chief technology officer Marijus Briedis commented: “Stealing personal and company data from under the nose of the UK’s media regulator will be another feather in the cap of the cyber criminals behind the MOVEit hack.
“The large scale of the attack and high-profile victims like the BBC, British Airways and now Ofcom suggests this was meticulously planned….
“Stealing personal and company data from under the nose of the UK’s media regulator will be another feather in the cap of the cyber criminals behind the MOVEit hack” Marijus Briedis, NordVPN
Briedis added: “This significant data heist will raise the attackers’ profile within the competitive ransomware-for-hire market that exists on the dark web. It also shows the ongoing risk of supply chain attacks on the UK, with opportunistic hackers looking to prey upon third-party services as a path to landing a big fish further down the line.”
As the clock ticks closer to Clop’s deadline for victims to contact it – lest they find their data leaked online – details of more victims continue to emerge.
Ireland’s Health Service Executive (HSE) – previously the victim of a major ransomware attack by the Conti cyber crime syndicate – is among those to have disclosed a breach following the attack.
Like a number of other victims, the HSE was compromised in a so-called supply chain attack via the systems of an external service provider that used MOVEit Transfer, in this case professional services firm EY.
Progress Software’s woes continue
Prior to the weekend, Progress Software, the company behind MOVEit, disclosed another vulnerability in the product, uncovered with the help of third-party researchers, which may have a similar impact.
A patch for this vulnerability was released on 9 June. MOVEit Transfer users can find more details about the vulnerability here.
Table of Contents Other Black Swan events Protecting your business as investors protect their portfolio Build to withstand scrutiny A growing sense of uncertainty is…
The Association of British Insurers (ABI), the British Insurance Brokers’ Association (BIBA) and the International Underwriting Association (IUA) have joined with the National Cyber Security…
The UK’s National Cyber Security Centre (NCSC) has published extensive new guidance to help support organisations as they prepare for the looming IT security risks…
The National Physical Laboratory (NPL) and Science and Technology Facilities Council’s RAL Space have joined forces to create a facility for calibrating small satellites. Funded…
Table of Contents Knowledge distillation Augmenting SLMs Reducing errors and hallucinations According to analyst Gartner, small language models (SLMs) offer a potentially cost-effective alternative for…
Table of Contents First responders Data crisis Changing the narrative A pathway to resilience Learning process Your worst day can begin so innocuously – you…
