Shell Becomes Latest Cl0p MOVEit VictimShell Becomes Latest Cl0p MOVEit Victim
In another MOVEit attack, oil and gas giant Shell saw the release of the private information of its employees.
July 6, 2023
Shell, the multinational oil and gas company, has confirmed that it is the victim of a MOVEit hack, revealing that personal information regarding its employees was compromised.
According to a July 5 statement: "A cybersecurity incident has impacted a third-party software from Progress called MOVEit Transfer, which was running on a Shell IT platform. MOVEit Transfer is used by a small number of Shell employees and customers. This was not a ransomware event. There is no evidence of impact to any other Shell IT systems. Our IT teams are investigating. Some personal information relating to employees of the BG Group has been accessed without authorization."
Shell has not specified what kind of personal information was compromised, and it confirmed the hack only after the Cl0p cybergang published the data it allegedly stole from the company because Shell refused to negotiate.
The Cl0p ransomware group has used the MOVEit managed file transfer (MFT) to steal data from hundreds of organizations, and millions have been affected by the group's actions, including at US federal government agencies.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023