PricewaterhouseCoopers acknowledged Thursday it has become one of the latest victims impacted by the widespread cyberattack campaign exploiting a vulnerability in the MOVEit file transfer tool.
PwC confirmed to CRN that it has used Progress’ MOVEit product and that it has been affected by the attacks, but characterized the impacts on the company and its clients as “limited.”
“Our investigation has shown that PwC’s own IT network has not been compromised and that MOVEit’s vulnerability had a limited impact on PwC,” the company said in a statement provided to CRN.
[Related: Progress Slams Researcher For Tweeting Zero-Day MOVEit Vulnerability]
PwC said Thursday it has notified the “small number of clients whose files were impacted” in the incident. The company said it had utilized MOVEit “with a limited number of client engagements.”ADVERTISEMENT
PwC added in its statement that it had halted use of MOVEit “as soon as we learned of this incident.” The disclosure came after cybercriminal group Clop posted on its darkweb site that it has obtained PwC data. The Russian-speaking group has been demanding extortion payments from victim organizations in exchange for not posting stolen data on its site.
The group also posted that it has obtained data from Ernst & Young. The firm is “thoroughly investigating systems where data may have been accessed,” Ernst & Young said in a statement from last week.
“We have verified that the vast majority of systems which use this transfer service across our global organization were not compromised,” the company said in the statement provided to outlets including CRN.
While a series of vulnerabilities have been discovered recently in Progress’ MOVEit tool, the original flaw (tracked at CVE-2023-34362) has seen the widest exploitation by Clop in recent weeks. The vulnerability can enable escalation of administrative privileges and unauthorized access, Progress has said.
Growing List Of Victims
The California Public Employees’ Retirement System (CalPERS), which is the largest public pension fund in the U.S., confirmed Wednesday that it has been impacted by the MOVEit attacks. A CalPERS representative reportedly said Thursday that the data of 769,000 retirees was compromised.
Insurance firm Genworth, meanwhile, said Thursday that the data of as many as 2.7 milliion customers was impacted in a MOVEit-related breach.
CalPERS and Genworth both said the breaches stemmed from the hack of third-party vendor PBI Research Services.
A total of 97 organizations are known to have fallen victim to the MOVEit attacks so far, according to a tally by Emsisoft threat analyst Brett Callow.
Multiple U.S. government agencies have been impacted by the attacks, according to the Cybersecurity and Infrastructure Security Agency. At least two Department of Energy facilities—including a storage site for radioactive waste in New Mexico—have reportedly been among the victims. State agencies including the Louisiana Office of Motor Vehicles and the Oregon Driver and Motor Vehicles division have confirmed that sensitive data, including driver’s license files, has been stolen in the attacks.
Other confirmed victims of the attacks have included Shell, Johns Hopkins University and Health System, British Airways, the BBC and the Government of Nova Scotia.LEARN MORE: Cybersecurity | Current Threats
Kyle Alspach is a Senior Editor at CRN focused on cybersecurity. His coverage spans news, analysis and deep dives on the cybersecurity industry, with a focus on fast-growing segments such as cloud security, application security and identity security. He can be reached at [email protected].
RELATED CONTENT
ScanSource ‘Has Resumed’ Operations After Ransomware Attack5 Companies That Came To Win This WeekThreatLocker Alert Warns Of Increased Ransomware Attacks Using MSP RMM ToolsAwaiting Google Takeover, Mandiant Posts Q1 Sales Gains, Increasing Net LossSlide Show: The Top 25 Tech Breakthroughs Of All Time TO TOPADVERTISEMENT
TRENDING STORIES
- The 10 Coolest Cybersecurity Tools and Products In 2023 (So Far) | CRN
- The 10 Hottest Cloud Security Startups In 2023 (So Far) | CRN
- Top VMware Execs Score $42M In Total Pay Amid ‘Unprecedented’ Broadcom ‘Uncertainty,’ Board Says | C
- AWS Confirms $7.8 Billion Data Center, Cloud Regions Expansion In Ohio | CRN
- Databricks To Acquire Generative AI Startup In $1.3B Deal | CRN