The Ransomware Group clop Russian speakers gained access to the email addresses of approximately 632,000 federal employees American gods departments of Defense and Justice.
The serious security breach, as stated by experts, is a consequence of the hacking operation of MOVEit, which took place last summer. In the US government context, what happened a few months ago has already had repercussions on the Department of Health, the Department of Agriculture and other agencies of great importance for the country.
A report drawn up byOffice of Personnel Management of the United States and obtained through a request from Freedom of Information Actprovides more details about the attacks.
In the document, reported by Bloombergis explained as “The Office of Personnel Management, in a July report on the incident submitted to a congressional committee, said an unauthorized actor gained access to government email addresses, links to government employee surveys administered from OPM and OPM internal tracking codes“.
The report then goes on to state how “The affected employees were those from the Department of Justice and various parts of the Department of Defense: the Air Force, the Army, the US Army Corps of Engineers, the Office of the Secretary of Defense, the Joint Chiefs of Staff and Defense Agencies and Field Activities“.
American authorities tend to downplay Clop’s email theft
The Office of Personnel Management labeled the security breach a “serious accident“, however, at the time the government agency downplayed the risk to national security because the compromised data was considered to be “generally of low sensitivity” and unclassified.
The report confirms that the attackers managed to access the data by exploiting the MOVEit flaw in a system used by Westat Inc.which is a service provider of OPM.
The MOVEit exploit, therefore, continues to be talked about even months after its discovery, demonstrating how it was one of the most devastating cyber attacks of recent years. Clop, for its part, is one of the most famous cybercriminal groups in the world, responsible for several sensational actions such as the attack on British Airways e BBC.