Clop ransomware group is suspected to have exfiltrated data of Pennsylvania residents, according to recent reports.
After claiming the M&T Bank data breach, which gave hackers access to the data of Massachusetts residents, the ransomware group seems to have expanded its reach to its neighboring states.
However, there has been no concrete evidence to support the Pennsylvania data breach yet.
Pennsylvania Data Breach and M&T Bank Cyber Attack by Clop
The M&T Bank stated in a letter to its customers about suffering a major cybersecurity incident stemming from the widespread impact of the MOVEit vulnerability exploitation.
The MOVEit security breach, which commenced in May 2023, has impacted over 1,062 organizations, with the financial and services sectors being the hardest hit, closely followed by the education sector.
The M&T Bank cyber attack is suspected to have given access to customer data and has led the hackers to other connected companies.
In a statement to the customers, the bank confirmed that limited customer information stored by third-party service providers was compromised. Names, addresses, and bank account numbers were likely exposed to Clop during the M&T Bank data breach.
The bank confirmed that its internal systems were not breached by hackers. The incident was entirely due to the third-party service that the bank used as a file transfer service.
“No PINs or passwords were exposed. This information did not include sensitive data such as social security numbers, date of birth, or debit/credit card numbers,” wrote the bank in the statement.
Since the MOVEit ransomware attack was successful after the exploitation of a vulnerability in its software, M&T Bank immediately installed security patches after learning about being impacted by the same incident.
Pennsylvania Data Breach by Clop Ransomware Group
Cybersecurity researcher Dominic Alvieri tweeted about the M&T Bank data breach. “Clop ransomware stole data of 95,000 M&T Bank residents in Massachusetts as reported to state officials,” he tweeted. This draws attention to the scale of damage caused due to the M&T Bank data breach.
In the latest update, Dominic wrote about the Pennsylvania data breach that led the Clop ransomware group gain access to information of an undisclosed number of Pennsylvania residents. “I didn’t see other states listed before. How many states were impacted M&T Bank?” Dominic wrote.
MOVEIt Exploitation Record
According to the Emsisoft Blog, which has been continuously recording MOVEit statistics, the data of over 65,435,641 individuals has been exposed to hackers thus far.
Hacker from the Cl0p ransomware group gained access to the MOVEit file transfer platform after finding a flaw in its systems. MOVEit is used by a wide range of clients across sectors including government, finance, education, manufacturing, etc.
Hence, a vulnerability in its software in May 2023, allowed the ransomware group to gain access to its client organizations.
Schools have been disrupted and bank details exposed to cybercriminals who have been threatening dozens of organizations in individual posts on their website about leaking their data if a ransom is not paid.
The vulnerability was identified and patched by the company which every user relying on MOVEit is expected to update to prevent further damage. Installing software updates is a small effort that takes minutes which prevents major cybersecurity incidents and data loss.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
