Tag: moveit file management

  • The US has declared a $10 million bounty for more information on this ransomware


    The US State Department’s “Rewards for Justice” program announced a $10 million bounty for any information leading to clues on how the Clop ransomware attacks are linked to attacks on foreign governments.

    In its announcement on Twitter, the Rewards for Justice account wrote: “Do you have info linking CL0P Ransomware Gang or any other malicious cyber actors targeting U.S. critical infrastructure to a foreign government? Send us a tip. You could be eligible for a reward.” This program was initially launched to gather information on terrorist groups targeting US interests.

    The program has now grown to include attacks perpetrated by cyber criminals (even outside the US). It has collected information on the REvil ransomware, Russian Sandworm hackers, Evil Corp hacking group and more.

    This isn’t the first time the US has announced a substantial bounty for information on cyber crime. In May of this year the Department of Justice also announced a $10 million bounty for information leading to the arrest of the alleged Russian ransomware mastermind Mikhail Pavlovich Matveev, also known online as “Wazawaka”.

    Mikhail Pavlovich Matveev, or “Wazawaka”, was accused of demanding $400 million from his victims (most of whom purportedly paid). His exploits make him one of the most prolific single cyber criminals in history, but due to his elusive nature he remains uncaught despite the substantial bounty on his head.

    Switching back to our story on the “Clop” ransomware, we covered one of the victims of this ransomware just last week in our article on the CalPERS/CalSTRS data breach. The Clop attacks exploited the zero-day vulnerability found in the MOVEit file transfer software.

    Now, the group behind the Cl0p ransomware is extorting companies whose data was stolen during the attack and threatening to leak it online if the ransom is not paid.

    Victims of the Cl0p ransomware attack received this message June 17th, outlining the demands the group has for them and even offering an online chat to discuss the terms of payment. Victims are being given just 3 days to come to an agreement or an online page will be created by the group and their information will be leaked online.

    Outside of paying the ransom or dealing with the fallout of their data being leaked, there is little recourse for victims of this type of crime. The bounty is not being offered because of the businesses and individuals whose data has been stolen in this attack, but out of fear that the Cl0p ransomware group also obtained data sensitive to US security during their attack.

    The Cl0p ransomware group has said they will be deleting any data that pertains to the US or foreign governments, but of course there is no way to confirm this is true. All in all, it will be interesting to see whether offering a bounty for information leading to the arrest of individuals involved in these attacks acts as a deterrent for future attacks.

    If your data was leaked in this recent breach or you’re worried about identity theft, we have some tips below on what to do if your information has been leaked online or to lower your risk factors:


    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • California retirees’ pensions possibly in limbo after data breach targets the nation’s biggest pension funds


    News broke yesterday that a data breach targeting the nation’s biggest pension funds, CalPERS (California Public Employees’ Retirement System) and CalSTRS (California State Teachers’ Retirement System), led to the release of identity information on more than 1.1 million of their members collectively.

    This breach may affect not only the pensions and identity security of existing members but also those who have not yet reached retirement age but whose information is still in the system. Even family members of affected users may have had their identifying information leaked during the breach if their details were added to these systems.

    CalPERS released a statement saying that the breach did not affect their own systems and it will not affect current members’ monthly benefits. Still, the company has said they have upped their security measures and will be offering free credit monitoring for affected users. Users should receive a notice soon as to whether or not their information was identified as being compromised by the breach.

    Information that was allegedly leaked includes addresses, dates of birth, social security numbers and more.

    The breach originated in the MOVEit file management software used by PBI Research Services, a third-party vendor that CalPERS and CalSTRS use to identify death benefits or additional beneficiaries in their systems. The effects of the zero-day hack on the MOVEit software are still reverberating throughout the US, with other organizations such as Siemens, UCLA, Schneider Electric and more reporting being affected.

    Although PBI Research Services was itself notified of the breach on June 4th, it was still two more weeks before CalPERS and CalSTRS were notified, which has led to a delayed response. PBI has also notified federal law enforcement to ensure extra steps are taken to protect the pension fund status of affected users. Additional identity checks are expected to be put in place to make sure pension funds are only claimed by those who are eligible for them.

    California’s treasurer Fiona Ma is urging that a special meeting be held to discuss the aftermath of this breach, which only underscores how serious this is. Ma sits on the board of both pension funds.

    We want to reiterate that pension funds are not currently at risk; however, due to the nature of identity theft, preventing future fallout from this breach is of the utmost importance and no small task.

    This breach underscores the importance of vetting your vendors well. Even if you’re doing everything you can to protect your business from a cyber-attack, vendors you use that have access to your systems also need to do their part or your efforts may be in vain. Here is a checklist you can use when vetting a new technology vendor:
