1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • MOVEit breach chaos continues, data on hundreds of thousands leak

    From TechnologyDaily@1337:1/100 to All on Tue Dec 3 16:15:04 2024
    MOVEit breach chaos continues, data on hundreds of thousands leaked from Nokia, Morgan Stanley

    Date:
    Tue, 03 Dec 2024 16:02:00 +0000

    Description:
    Six large companies have had their data leaked, more than a year after the MOVEit drama.

    FULL STORY ======================================================================A
    hacker with the alias "Nam3L3ss" started leaking data from six companies The companies include Nokia, Bank of America, and others The data came from the MOVEit breach that happened more than a year ago

    Hackers are still leaking sensitive information stolen via the MOVEit flaw , more than a year after it was first disclosed, experts have warned.

    A threat actor with the alias Nam3L3ss recently started leaking sensitive
    data from six major companies to BreachForums: Xerox (42,735), Koch
    (237,487), Nokia (94,253), Bank of America (288,297), Bridgewater (2,141), Morgan Stanley (32,861), and JLL (62,349), The Register reports.

    The publication further added that security researchers analyzed the data
    dump and confirmed its authenticity, adding that among the leaked information are peoples full names, phone numbers, email addresses, job addresses, employee badges, job titles, and usernames. MOVEit files keep leaking

    This is the type of information cybercriminals like most (apart from
    passwords and banking data, obviously), since it allows them to run phishing, identity theft , and similar attacks that can lead to ransomware, wire fraud, and more.

    "This data is a goldmine for social engineering," Zack Ganot, chief strategy officer for Atlas Privacy said. "Knowing exactly what employee sits on which team, who they report to, what their badge number is, what building they work in, their organizational email and phone number this is some wild stuff for an attacker looking to exploit an org."

    MOVEit is a managed file transfer (MFT) tool, used by large companies to securely share sensitive files. In late May 2023, it was discovered that it had a flaw, which was successfully exploited by a Russian ransomware actor called Cl0p. This group used the flaw to exfiltrate sensitive data from hundreds of companies using MOVEit.

    Among the victims were numerous high-profile organizations across various sectors, including US government entities (Department of Energy, Office of Personnel Management), educational institutions (Johns Hopkins University), private enterprises (Shell, British Airways, Ernst & Young), and many others. In total over 62 million individuals were directly affected, with the true number likely higher. You might also like Amazon confirms employee data
    stolen after third-party MOVEit breach Here's a list of the best firewalls today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/moveit-breach-chaos-continues-data-on-h undreds-of-thousands-leaked-from-nokia-morgan-stanley


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)