The U.S. Department of Health and Human Services (HHS) was affected by a significant hack that targeted MOVEit Transfer, a software used by HHS.
Although HHS systems and networks remained uncompromised, the attackers managed to access data by exploiting vulnerabilities in the software, which belonged to third-party vendors.
The hacking group responsible for this breach, known as cl0p, claimed responsibility for stealing data from two prominent law firms, Kirkland & Ellis LLP and K&L Gates LLP. This claim was made public when the group posted the names of the two law firms on its leak site, typically an indication that negotiations between the hackers and the victims had broken down.
It is worth noting that HHS’ name was not listed among cl0p’s reported victims. Nevertheless, the group has previously stated that it does not intentionally steal data from government organizations. However, this does not rule out the possibility of compromised data.
Bloomberg had previously reported that HHS was impacted by the hack, citing an insider at the department who suggested that tens of thousands of records may have been exposed. As of now, cl0p has not responded to an email seeking comment.
cl0p is a group of hackers who primarily communicate in Russian. They have gained unauthorized access to a significant amount of organizational data by exploiting MOVEit Transfer, a commercial file management tool developed by Progress Software.
Jon Clay, vice president for threat intelligence at cybersecurity firm TrendMicro, described cl0p as a resourceful group with little incentive to halt their criminal activities, stating, “They aren’t going away unless they face significant pressure.”