![]() ![]() The hackers are being “extremely aggressive” in negotiations to try to extort victims, said the source, who spoke on the condition of anonymity because they were not authorized to speak to the press. One person with direct knowledge of negotiations between Clop and its victims said the hackers had in one case asked for more than $100 million from one corporate victim - an audacious number that was a nonstarter. He pointed to a recent public advisory from federal agencies “to help affected companies and government agencies rapidly find compromises and fix them.” The Biden administration has “focused on rapid response to cyber incidents,” National Security Council spokesperson Adam Hodge said in a statement this week. Officials are still investigating what data in OPM’s custody may be affected. The agency is in charge of human resources, retirement and other services for the vast federal bureaucracy.Ī spokesperson for the agency had no comment when reached by CNN on Friday evening. The OPM is one of multiple federal agencies impacted by the sweeping hack, current and former US officials familiar with the matter told CNN Friday. The hackers appear to be focusing their extortion on companies that may pay, adding alleged victims to their dark-web site to pressure them. US cybersecurity officials have ordered federal agencies to apply updates from Progress Software, but the recovery process was complicated on Thursday by the discovery of a fresh vulnerability in the software that the company is racing to fix.Ĭlop, the Russian-speaking hackers that claimed credit, are known to demand multimillion-dollar ransoms, though US and state governments say they have not received any demands. “We can’t just rely on technical and security data related to vulnerable [software installations, but also business relationships – contracts, for example – to really understand how bad this is, and how bad it’s going to get,” Munish Walther-Puri, senior director of critical infrastructure at consultancy Exiger, told CNN. Heading into the weekend, US officials and corporate executives across the country continue hunt for signs of stolen data and to try to keep keep the hackers from extorting victims. John Bel Edwards said in a statement.Įxclusive: US government agencies hit in global cyberattack There is no sign that the hackers have sold or released data stolen from the Louisiana Office of Motor Vehicles, and the hackers have not contacted the state government, the office of Louisiana Gov. The data exposed in the breach of the Oregon and Louisiana motor vehicle departments may include Social Security numbers and driver’s license numbers, prompting state authorities to advise their residents on how they can protect themselves from identity fraud. Other big corporations, including the BBC and British Airways, and universities such as the University of Georgia, have also been impacted by the breach. The list of confirmed victims grew Friday afternoon after multinational consulting giant Aon told CNN that files related to a “select number of our clients” were accessed by hackers in the MOVEit breach. US officials have described the cyberattack as an opportunistic, financially motivated hack that has not caused disruptions to agency services. The US Office of Personnel Management was also impacted by the sweeping hack, multiple sources told CNN Friday, but none of the breaches of federal agencies so far have been deemed serious. ![]() Multiple US federal agencies, including the Department of Energy, were breached, CNN first reported on Thursday. Hundreds of organizations across the globe have likely had their data exposed after the hackers used the flaw to break into networks in recent weeks. The hackers exploited a flaw in a popular file-transfer software known as MOVEit made by Massachusetts-based Progress Software. The states did not blame anyone in particular for the hack, but federal officials have attributed a broader hacking campaign using the same vulnerability to a Russian ransomware gang. Casey Tingle, a senior official in the Louisiana governor’s office, said Friday that more than 6 million records were compromised while noting that that number is duplicative because some people have both vehicle registrations and a driver’s license. The breach has affected 3.5 million Oregonians with driver’s licenses or state ID cards, and anyone with that documentation in Louisiana, authorities said. Millions of people in Louisiana and Oregon have had their data compromised in the sprawling cyberattack that has also hit the US federal government, state agencies said late Thursday. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |