In a recent data leak ultimatum news, a cybercrime group known as Clop has issued an ultimatum to targeted companies, involving a data leak threat.
The group, believed to be based in Russia, is responsible for a significant hack of payroll data that has affected prominent organizations such as the BBC, British Airways, and Boots.
Key Takeaways:
- Clop is responsible for a large-scale hack of payroll data
- Clop has issued an ultimatum on the dark web to June 14 or will go public.
- It’s on a large scale, exploited via MOVEit to gain access to the data.
- Leading UK payroll provider Zellis has confirmed it’s true
- Microsoft analysts attribute it to the Clop group based on the techniques used.
Breach and Attribution
According to the BBC, a Russian cybercrime group has reportedly issued an ultimatum to British and other targeted companies following a recent large-scale hack of payroll data. The breach, which affected companies such as the BBC, British Airways, and Boots, has been attributed to the Clop group by cybersecurity experts.
Clop has posted notices on the dark web, warning the affected companies to comply with their demands or face the public release of stolen private data. This alarming development has raised serious concerns about cybersecurity and the growing influence of cybercriminals like Clop.
Dark Web Ultimatum in Data Leak Ultimatum
The hacking group has allegedly posted a notice on the dark web using broken English, warning the affected parties to contact them via email before June 14. Failure to comply would result in the publication of the private data stolen.
The BBC cited a purported blog post from Clop, stating that they had potentially downloaded a significant amount of data through an exceptional exploit of the Progress MOVEit product.
The post further encouraged the victim organizations to initiate negotiations by emailing the group through their dark web portal. The report advised employers not to pay any ransom demands if made by the hackers.
Exploited Software and Global Impact
The hackers gained access to the data by exploiting a popular business software service called MOVEit, subsequently breaching the databases of numerous companies.
In addition to the aforementioned organizations, other targets include Aer Lingus, the government of Nova Scotia in Canada, and the University of Rochester in the United States.
Zellis, the leading payroll provider in the UK, disclosed that eight of its customers were affected by this global issue, potentially exposing personal information like names, addresses, and banking details.
Microsoft analysts, based on the techniques employed in the hack, have attributed the responsibility to the Clop group.
