DHL Investigates MOVEit Data Breach: Shipping giant DHL’s United Kingdom arm is investigating a data breach linked to its use of the MOVEit software, exploited by a Russia-based ransomware group.
The breach has affected numerous organizations, with the number of victims exceeding 20 million.
The situation has raised concerns over data security and highlights the urgency of implementing robust cybersecurity measures.
Key Takeaways DHL Investigates MOVEit Data Breach:
Table of Contents
- DHL’s UK arm is investigating a data breach stemming from the exploitation of the MOVEit software by a ransomware group.
- The breach has impacted at least 383 organizations, with the leaked information of over 20 million individuals.
- Coveware reports that the ransomware group, Clop, could potentially earn between $75 million to $100 million from the MOVEit campaign, underscoring the severity of the situation.
DHL’s UK division is conducting an investigation into a data breach associated with the use of MOVEit software, which has been exploited by a Russia-based ransomware group for nearly two months.
Progress Software, the provider of MOVEit, patched the software, but the cybercriminals have targeted unpatched systems, impacting various organizations.
The Extent of the Breach and Affected Organizations
Emsisoft researchers have identified at least 383 affected organizations, with the leaked data of over 20 million individuals as a result of the Clop ransomware gang’s exploitation of the MOVEit vulnerability.
Various institutions, including banks and financial companies, reported breaches, with varying numbers of victims exposed.
Notable Breaches and Financial Implications
PokerStars revealed that 110,291 individuals had their Social Security numbers accessed, while Franklin Mint Federal Credit Union reported 140,963 victims affected by Clop ransomware. 1st Source Bank exposed the sensitive data of 450,000 customers.
Fidelity & Guaranty Life Insurance Company disclosed that around 873,000 people had their Social Security numbers and other data leaked.
Involvement of PBI Research Services and Impact on the ACLU Foundation
PBI Research Services, an audit company, was implicated in the MOVEit breaches of numerous organizations, including large pension funds and universities.
The American Civil Liberties Union Foundation also suffered from the PBI breach, with 575 donors and beneficiaries affected by the incident.
Clop Ransomware Group’s Successful Attacks
Coveware CEO Bill Siegel highlights that Clop’s MOVEit-centered attacks have been highly successful due to the vast number of vulnerable companies.
The group targeted victims they knew would pay ransoms, potentially earning between $75 million to $100 million from the campaign.
Conclusion
The DHL MOVEit data breach and its far-reaching impact on numerous organizations raise significant concerns about data security and cybersecurity practices.
The large sum potentially earned by the ransomware group underscores the urgency for businesses to prioritize robust cybersecurity measures and promptly address vulnerabilities to protect sensitive information from such devastating attacks.
