PBI, a leading provider of obituary databases, found that its MOVEit Transfer servers had been improperly accessed through a zero-day vulnerability. Attackers stole the personal information of over 370,000 people, including names, partial postal addresses, Social Security numbers, and dates of birth. PBI has begun alerting impacted consumers and is providing two years of credit monitoring and identity restoration services.
PBI Data Breach: Massive Impact and Cl0p’s Ransomware Reign
The hack also affected other businesses that used PBI as a third-party provider. CalPERS, the largest US public pension fund, calculated that around 769,000 individuals’ personal information may have been stolen, while insurer Wilton Re stated that information about nearly 1.5 million persons had been exposed.
The exploit’s author, the Russia-based Cl0p ransomware cartel, took credit for it. Over 200 organizations were affected by the hack, and over 17 million people were made vulnerable. Using the ransomware-as-a-service (RaaS) business model, Cl0p rents out its software to partners in exchange for a share of the ransom money.
Using the “double-extortion” strategy of data exfiltration and encryption, Cl0p has been publishing the identities of victims on its dark web leak site since June 14th. If the ransom is not paid, they refuse to reestablish connection and publish the stolen data. The level of data exposure varies with how each business used the file transfer technology.
This incident underscores the critical need for strong cybersecurity measures to defend against sophisticated attacks, and for swiftly patching vulnerabilities to stop unauthorized access and data exfiltration.