👀 Copy Legendary Investors' Portfolios in One ClickCopy For Free

US energy department, other agencies hit in global hacking spree

Published 06/15/2023, 11:58 AM
Updated 06/15/2023, 09:51 PM
© Reuters. FILE PHOTO: A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/File Photo
RDSa
-
PRGS
-

By Zeba Siddiqui and Raphael Satter

(Reuters) - The U.S. Department of Energy and several other federal agencies were hit in a global hacking campaign that exploited a vulnerability in widely used file-transfer software, officials said on Thursday.

Data was "compromised" at two entities within the energy department when hackers gained access through a security flaw in MOVEit Transfer, the department said in a statement.

A DOE official said those entities were the DOE contractor Oak Ridge Associated Universities, and the Waste Isolation Pilot Plant - the New Mexico-based facility for disposal of defense-related nuclear waste.

British energy giant Shell (LON:RDSa), the University System of Georgia, the Johns Hopkins University and the Johns Hopkins Health System were also hit, all three groups said in separate statements. The latter is a nonprofit that collaborates with the university and runs six hospitals and primary care centers.

The new victims add to a growing list of entities in the U.S., Britain and other countries whose systems were infiltrated through the MOVEit Transfer software. The hackers took advantage of a security flaw that its maker, Progress Software (NASDAQ:PRGS), discovered late last month.

The Russia-linked extortion group Cl0p, which has claimed credit for the MOVEit hack, earlier said in a statement that it would not exploit any data taken from government agencies, and that it had erased all such data. It did not immediately respond to a request for further comment.

The U.S. Cybsecurity and Infrastructure Security Agency (CISA) said it was helping several federal agencies that had been breached, but did not name them.

"At this time, we are not tracking any significant impacts to the federal civilian executive branch (.gov) enterprise but are continuing to work with our partners on this issue," the agency said in a statement.

The energy department, which manages U.S. nuclear infrastructure and energy policy, said it had notified Congress of the breach and is participating in investigations with law enforcement and CISA.

A Shell spokesperson said there was no evidence of impact to Shell’s core IT systems from the MOVEit Transfer-related breach. "There are around 50 users of the tool, and we are urgently investigating what data may have been impacted," she added.

Johns Hopkins also said it was "investigating a recent cybersecurity attack targeting a widely used software tool that affected our networks."

The University System of Georgia, which groups about 26 public colleges, said it was "evaluating the scope and severity of this potential data exposure" from the MOVEit hack.

Large organizations including the UK's telecom regulator, British Airways, the BBC and drugstore chain Boots emerged as victims last week.

CISA did not immediately respond to requests seeking further comment. The FBI and National Security Agency also did not immediately respond to emails seeking details on the breaches.

A MOVEit spokesperson said the company had "engaged with federal law enforcement" and was working with customers to help them apply fixes to their systems.

Progress Software's shares ended down 6.1% on Thursday. The company disclosed another "critical vulnerability" it found in MOVEit Transfer on Thursday, although it was not clear whether it had been exploited by hackers.

© Reuters. FILE PHOTO: The Washington Monument is seen in Washington, U.S., March 17, 2022. REUTERS/Emily Elconin/File photo

MOVEit Transfer is a popular tool used by organizations to share sensitive information with partners or customers. It could be used by a bank's customers, for instance, to upload their financial data for loan applications, said John Hammond, a security researcher at Huntress.

"There's a whole lot of potential for what an adversary might be able to get into," he said earlier this month.

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.