Global accounting and tax advisory firm, Crowe, has become the latest financial services company to be caught up in the Cl0p MOVEit breach. However, thanks to the quick response by its security department, the number of compromised clients was remarkably low.
Low impact on Crowe clients
Crowe’s security department reacted swiftly to the MOVEit attacks, leading to a limited impact on its clients. By immediately disabling access and applying the vendor-provided patches and service pack, Crowe’s security measures played a crucial role in mitigating the breach.
Notification of Impacted Clients
Out of the thousands of clients associated with Crowe, fewer than 100 were impacted by the MOVEit attacks. The affected clients have all been promptly notified, ensuring transparency and enabling them to take appropriate action.
Limited impact for Crowe
Compared to other companies affected by the MOVEit attacks, Crowe seems to have experienced relatively minimal impact. This is notable, considering the widespread use of the MOVEit system by thousands of companies worldwide for secure file transfers.
Cyberattacks against other companies by MOVEit
The MOVEit attacks have had significant repercussions, extending beyond Crowe. ING Bank, alongside three other major European banks including Deutsche Bank and Postbank, has also been confirmed as a victim of the Cl0p group’s breach. Furthermore, prominent organizations such as PwC, Ernst & Young, Sony, Siemens Energy, NYC Department of Education, and Shell Global have all fallen victim to the Cl0p MOVEit attacks.
US federal agencies impacted
The Clop gang’s activities have not spared US federal agencies, causing significant disruptions. Agencies such as the Department of Energy and Health were impacted, prompting US officials to issue a $10 million dollar bounty on the Clop gang. The severity of the attacks and their implications on critical government infrastructure led to this drastic measure.
Scope of MOVEit deployments
Industry experts estimate that around 3,000 deployments of MOVEit were in use at the time when the Cl0p gang exploited the zero-day flaw. This highlights the vast reach of the MOVEit system and the potential impact of such a breach.
Previous zero-day attack by Cl0p Group
This is not the first time the Cl0p ransomware group has made headlines. In March, they claimed responsibility for another zero-day attack, exploiting a similar file management system known as GoFortra Anywhere. This pattern of exploiting vulnerabilities in file management systems emphasizes the persistent threat posed by the Cl0p group.
The Cl0p MOVEit breach has caused disruptions across various organizations globally. Fortunately, Crowe managed to minimize the impact on its clients through rapid response and effective security measures. However, the wider ramifications of the MOVEit attacks are evident in the compromised European banks and numerous other well-known companies. The involvement of US federal agencies has elevated concerns, leading to the issuance of a substantial bounty on the Cl0p gang. This incident underscores the importance of robust cybersecurity measures and continuous vigilance to safeguard sensitive data in the ever-evolving threat landscape.