P&G Cyber Attack: CL0P Ransomware Group Claims to Hit the Consumer Goods Corporation

The CL0P ransomware group recently announced that they have attacked Procter & Gamble (P&G), a renowned multinational corporation based in Cincinnati, Ohio. However, the company confirmed that though it was one of the many companies affected by Fortra’s GoAnywhere incident, there is no indication that customer data was impacted.

Clop ransomware, which operates under the Ransomware-as-a-Service (RaaS) model, was first observed in 2019. It quickly gained notoriety in the market for its highly sophisticated techniques and focus on larger organizations with a revenue of $5 million US dollars (USD) or more. 

P&G cyber attack

Putting the company to the victim list is a significant development, as P&G is one of the largest consumer goods corporations in the world, with a diverse range of products and a vast customer base. About two dozen of P&G’s brands are billion-dollar sellers, including Always, Braun, Crest, Fusion, Gillette, Head & Shoulders, Mach3, Olay, Oral-B, and Pantene.

In response to a query by The Cyber Express, P&G confirmed that it was one of the many companies affected by Fortra’s GoAnywhere incident. However, at this time, there is no indication that customer data was affected by the issue.

As part of this incident, an unauthorized third party obtained some information about P&G employees. The data that was obtained by the unauthorized party did not include information such as Social Security numbers or national identification numbers, credit card details, or bank account information,” a company spokesperson said. 

“When we learned of this incident in early February, we promptly investigated the nature and scope of the issue, disabled use of the vendor’s services, and notified employees. Our business operations are continuing as normal,” they added.

P&G cyber attack and rise of CL0P ransomware group 

The CL0P ransomware group is known for its attacks on various organizations and institutions, including universities, government agencies, and private companies.

They use sophisticated techniques to gain access to their targets’ systems and encrypt their files, demanding a ransom in exchange for the decryption key. 

According to recent reports, Hitachi Energy, Japanese technology giant Hitachi subsidiary, also fell victim to a Clop ransomware attack, resulting in a data breach. Hitachi Energy confirmed the incident via a vulnerability (CVE-2023-0669) in Fortra’s GoAnywhere MFT (Managed File Transfer).  

In recent past, the CL0P ransomware group has attacked multiple organizations and runs free in the wild. Moreover, the notorious Cl0p ransomware gang has claimed responsibility for multiple new attacks.

Among the victims are Shell Global, a major player in the energy industry, Bombardier Aviation, a high-end jet manufacturer, and several well-known universities in the US, including Stanford, Colorado, and Miami. 

However, the full extent of the damage caused is not yet clear, and it remains to be seen if any data was stolen or compromised. What is clear is that these attacks serve as a reminder of the need for companies and institutions to remain vigilant and take proactive steps to secure their networks against these types of threats.