"The costs will be absolutely massive, including credit monitoring for millions and lawsuits out the wazoo." "While this may not be in the same league as the SolarWinds incident, it's nonetheless one of the most significant hacks of recent years," Emsisoft Threat Analyst Brett Callow told The Register. So it's likely that the total number of victims will keep growing. That one-to-many impact is a very attractive thing for hackers, and that is what makes supply chain threats so sinisterĬase in point: Clop exploited a deployment of MOVEit used by payroll services provider Zellis whose customers include British Airways, the BBC, and the Boots pharmacy chain in the UK, among others, and as a result these companies all saw their employees' records stolen by the Russian gang via the software flaw.Īnd, as Emsisoft reports, another MOVEit user – the National Student Clearinghouse – partners with more than 3,500 schools in the US and processes information belonging to 17.1 million students. As of July 19, 383 organizations and over 20 million individuals have been compromised, according to cybersecurity outfit Emsisoft, which sourced its figures from breach notifications, SEC filings, other public data, and Clop's leak site.īut, as the infosec team notes, some of the companies whose MOVEit installations were breached provide services to many other organizations.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |