Siemens Energy and the University of California, Los Angeles (UCLA) said on Tuesday they were among victims of the MOVEit hack that has affected scores of corporations, governments and other institutions in recent weeks.
The hackers behind the wide-ranging breach, Cl0p, had earlier boasted on their website about stealing data from UCLA and Siemens. Cl0p also claimed to have stolen data from biopharmaceutical company Abbvie Inc (ABBV.N) and French industrial group Schneider Electric.
Schneider said in a statement that it was currently investigating this claim. Abbvie did not immediately comment. Cl0p did not immediately return a message.
The FBI said in a statement it was aware of and investigating the recent exploitation of a MOVEit vulnerability by malicious ransomware actors.
Siemens and UCLA provided few additional details about the scope or consequences of the breaches. Siemens said none of its critical data had been compromised and its operations remained unaffected. UCLA said its campus systems were unaffected and that all of those who have been impacted have been notified.
The MOVEit software is used by organizations around the world to share sensitive data. Last week, U.S. pension fund Calpers and insurer Genworth Financial said personal information of their members and customers had been compromised as part of the hack.