A Russian-speaking cybercriminal group has allegedly breached the personal data of approximately 632,000 U.S. Federal employees at the Department of Defense and the Department of Justice.
The US Federal Employees data breach primarily targeted the Defense Department, affecting officials from various branches, including the Air Force, Army, Army Corps of Engineers, the Office of the Secretary of Defense, and the Joint Staff.
The US Federal Employees data breach, unfolding earlier this year, exposed a significant number of government personnel’s email addresses, employee surveys, and internal tracking codes, according to an OPM report that Bloomberg recently acquired.
US Federal Employees Data Breach: MOVEit Vulnerabilities
The hackers responsible for this US Federal Employees data breach exploited vulnerabilities within a file transfer program known as MOVEit, a tool administered by the data management firm Westat. This software is employed by OPM to manage employee surveys. It was through this avenue that the malefactors gained illicit access.
The US Federal Employees data breach unfolded between May 28 and May 29, and though OPM described it as a “major incident,” the agency emphasized that the compromised data was predominantly of low sensitivity and was not classified.
Regrettably, neither the Justice Department nor the Defense Department has issued an immediate response to inquiries made by The Cyber Express Team.
Prior to this, an extensive cyberattack on US Federal employees transpired earlier this year when cybercriminals targeted the vulnerabilities within the MOVEit file transfer software, a tool relied upon by multiple government agencies.
This distressing trend extends beyond governmental borders, as private enterprises like Shell, the BBC, and British Airways, as well as academic institutions like Johns Hopkins University and the University of Georgia, have also fallen victim to similar data breaches. The Department of Energy was not spared from this wave either. Remarkably, nearly a dozen U.S. agencies have contracts with MOVEit, according to Politico, which highlights the severity of the issue.
The Culprit: Russian-Speaking Ransomware Group CLoP
These breaches have been attributed to a Russian-speaking ransomware group known as CLoP, which has also claimed responsibility for other attacks involving MOVEit. In an alarming revelation, the group estimated its victims to number in the hundreds, according to the Associated Press.
“The Cl0p ransomware syndicate behind the hack announced last week on its dark web site that its victims, who it suggested numbered in the hundreds, had until Wednesday to get in touch to negotiate a ransom or risk having sensitive stolen data dumped online,” quoted the Associated Press.
In a separate development, a colossal data breach affecting an estimated 3.5 million Oregon residents was disclosed by the Oregon Department of Transportation in June.
The breach exposed sensitive personal information such as social security numbers, dates of birth, physical addresses, and other data present on driver’s licenses, adding to the growing concern about cybersecurity in the modern age.
A Call to Action: Strengthening Cybersecurity
These incidents like the US Federal employee data breach emphasize the pressing need for enhanced cybersecurity measures and international cooperation to combat the ever-evolving threats in the digital landscape.
The widespread impact of these breaches calls for a collective effort to safeguard sensitive data and ensure the privacy and security of individuals and organizations in an increasingly interconnected world.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.