The Russian ransomware gang Clop strikes again. Discover the ongoing cybersecurity crisis affecting millions of Americans.

A massive global cyber attack has exposed the personal data of millions of Americans, with Louisiana and Oregon being among the affected states. Late Thursday, state agencies revealed that the breach compromised the sensitive data of about 3.5 million Oregonians. The gang has sensitive data such as, driver’s licenses or state ID cards, and the same for individuals in Louisiana with similar documentation. Louisiana’s senior official, Casey Tingle, stated that over 6 million records were compromised. It was noted that some individuals may have duplicate records due to owning both vehicle registrations and driver’s licenses.  

While the states did not attribute blame to any specific entity, federal officials have connected this hacking campaign to a Russian ransomware gang. Clop is responsible for exploiting a vulnerability in a widely used file-transfer software called MOVEit, developed by Massachusetts-based Progress Software.   

The cyberattack had far-reaching consequences. It affected organizations worldwide, as hackers exploited a software flaw in recent weeks. This resulted in numerous data breaches. Several US federal agencies, including the Department of Energy, were among the targets. The sweeping hack also affected the US Office of Personnel Management, although no significant breaches have been reported so far. This isn’t the group’s first time striking high-profile targets.

The Roster of Victims Expands

The list of victims continues to grow, with multinational consulting giant Aon acknowledging that hackers accessed files related to a select number of their clients through the MOVEit breach. Prominent organizations such as the BBC, British Airways, and the University of Georgia have been affected by a breach this month. This breach has caused disruption to these organizations.  

Compromised data from the Oregon and Louisiana motor vehicle departments may include Social Security numbers and driver’s license numbers. State authorities have advised residents to take steps to protect themselves from identity fraud.  

Although there is no evidence of the hackers selling or releasing data stolen from the Louisiana Office of Motor Vehicles, nor have they made contact with the government, Governor John Bel Edwards’ office assured the public of ongoing vigilance.  

As the weekend approaches, US officials and corporate executives nationwide are actively searching for signs of stolen data while working to prevent the hackers from extorting their victims. Experts emphasize the importance of not only relying on technical and security data but also considering business relationships, such as contracts, to assess the extent of the breach and anticipate its impact. US cybersecurity officials have mandated that federal agencies implement updates from Progress Software. However, the recovery process faced complications on Thursday when a new vulnerability in the software was discovered, prompting urgent remediation efforts by the company.  

Impacts on Government Agencies, and Ongoing Threats

The group claiming responsibility for the attack, Clop, is known for demanding multimillion-dollar ransoms. Although US and state governments have not received any ransom demands, the hackers are targeting companies that may be more inclined to pay, using the dark web to pressure their alleged victims. Security measures, user education, strong passwords, are crucial and now more important than ever in defending against cyberattacks.  

Furthermore, it has been revealed that the Office of Personnel Management is one of multiple federal agencies affected by this far-reaching breach. The extent of the impact on the agency’s data remains under investigation. OPM handles crucial services related to human resources and retirement for the extensive federal bureaucracy.  

The Biden administration has made a swift response to cyber incidents a priority. This is shown by recent public advisories issued by federal agencies. These advisories help affected organizations and government entities to detect and resolve compromises quickly. Negotiations between Clop and its victims have shown the hackers to be exceedingly aggressive, with requests for over $100 million from one corporate victim—an audacious amount that was firmly rejected. The source familiar with these negotiations emphasized the hackers’ intensity but spoke anonymously due to unauthorized press interactions.  

According to a senior US official, several hundred companies and organizations across the US may be impacted by this hacking spree, posing a significant test to the government’s ability to respond to a cyber incident that could take months to fully comprehend. However, given the increased ransomware attacks since 2021 and the ongoing Russian cyber threats, the FBI and the US Cybersecurity and Infrastructure Security are on high alert.  

How to prevent and protect your sensitive personal data

At Constructure Technologies, we prioritize your safety and keep sensitive information secure through several security measures. Those security measures include, but are not limited to, cyber security assessments, cloud security, endpoint security, network security, and data security. We handle things such as strengthening cybersecurity measures, implement Multi-Factor Authentication (MFA, Regular Employee Training), and always stay ahead of emerging security threats.

By implementing these measures, we can significantly enhance its defenses against cyberattacks and reduce the risk of data breaches and other security incidents. However, it is important to note that cybersecurity is an ongoing effort that requires continuous monitoring, adaptation, and improvement to address the evolving nature of threats.