Officials reported on Thursday that the US Department of Energy and many other federal organisations were targeted in a global cyber effort that took advantage of a flaw in commonly used file-transfer software.
According to a statement from the energy department, two entities’ data was “compromised” when hackers used a security hole in MOVEit Transfer to get access.
Both of those organisations, according to a DOE official, are the nuclear waste disposal facility in New Mexico known as the Waste Isolation Pilot Plant and the DOE contractor Oak Ridge Associated Universities.
Johns Hopkins University, the Johns Hopkins Health System, the University System of Georgia, and the British energy firm Shell all claimed damage in separate announcements. The Johns Hopkins Health System is a not-for-profit organisation that has collaborated with the University and functions under it six hospitals and primary care centres.
The new victims are one of the many among an expanding list of organizations in the United States, Britain, and other nations whose systems were compromised through the MOVEit Transfer programme. The maker of the software, Progress Software, found a security hole late last month, which was exploited by the hackers.
In a previous statement, the extortion organisation Cl0p, which has accepted responsibility for the MOVEit breach, stated that it would not use any data obtained from governmental organizations and that it has destroyed all such data.
Although it did not identify the affected federal agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) stated that it was assisting several of them. CISA said, “At this time, we are not tracking any significant impacts to the federal civilian executive branch (.gov) enterprise but are continuing to work with our partners on this issue.”
The energy department, which oversees the nation’s nuclear infrastructure and energy policy, claimed to have informed Congress of the breach and to be working with law enforcement and CISA on the inquiry.
According to a representative for Shell, the MOVEit Transfer-related incident did not appear to have any negative effects on Shell’s primary IT systems. The spokesperson for the company said, “There are about 50 users of the tool, and we are urgently investigating what data may have been impacted.”
The Johns Hopkins also said that it was “investigating a recent cybersecurity attack targeting a widely used software tool that affected our networks.”
About 26 public colleges make up the University System of Georgia, which stated that it was “evaluating the scope and severity of this potential data exposure” as a result of the MOVEit attack.
