MOVEit Cyberattack Exposes 632K US Federal Employee Emails

As a result of a vast cyber intrusion, a hacking gang called Clop, or Cl0p gained access to the email addresses of approximately 632,000 employees from the U.S. Department of Defense and Justice.

A detailed dossier, curated by the U.S. Office of Personnel Management (OPM), unveils nuances of the cyber onslaught wherein perpetrators exploited vulnerabilities in MOVEit—a renowned file transfer tool. Earlier, federal cybersecurity agencies had acknowledged the breach of governmental infrastructures but remained reticent about the scale of the assault and did not delineate the impacted departments.

The OPM has disclosed that the malicious entity procured unauthorized access to government email addresses, hyperlinks to employee surveys orchestrated by OPM, and OPM’s internal tracking codes. The personnel ensnared encompassed those from the Department of Justice, various subdivisions of the Department of Defense, including the Air Force, Army, U.S. Army Corps of Engineers, the Defense Minister’s Office, Joint Chiefs of Staff Committee, defense agencies, and their field services.

According to OPM, there’s no compelling evidence to infer that the assault poses a significant threat, asserting that the compromised data was of minimal criticality and lacked confidentiality. It’s noteworthy that several other U.S. agencies and prominent corporations have previously fallen prey to this group, including the U.S. Department of Energy, Shell, Deutsche Bank, and PwC.

The report posits that the malefactors accessed data by exploiting a loophole in the MOVEit program, employed by Westat Inc. (an OPM contractor) for administering data from civil servant sentiment surveys. The dossier maintains there’s no indication that any survey links were compromised.

A representative from Progress Software Corp., the parent entity of MOVEit, articulated that measures have been implemented to mitigate the ramifications of the cyber-attack. The firm also extended its condolences to the affected users and reaffirmed its commitment to collaborating in the industry’s endeavors to counteract cybercrime.

A Westat spokesperson conveyed that the firm had conducted an exhaustive investigation and collaborated with external experts to assess system security and reduce the likelihood of analogous incidents in the future.