The dramatic fallout continues in the mass exploitation of a critical vulnerability in a widely used file-transfer program, with at least three new victims coming to light in the past few days. They include the New York City Department of Education and energy companies Schneider Electric and Siemens Electric.
To date, the hacking spree appears to have breached 122 organizations and obtained the data of roughly 15 million people, based on posts the crime group has published or victim disclosures, Brett Callow, a threat analyst at the antivirus company Emsisoft, said in an interview.
Microsoft has tied the attacks to Clop, a Russian-speaking ransomware syndicate. The hacks are all the result of Clop exploiting what had been a zero-day vulnerability in MOVEit, a file-transfer service that’s available in both cloud and on-premises offerings.