US health department, law firms latest hit in wide-ranging hack

Send a link to a friend  Share

[June 29, 2023]  By Raphael Satter
 
WASHINGTON (Reuters) -The U.S. Department of Health and Human Services (HHS) was among those affected by a wide-ranging hack centered on a piece of software called MOVEit Transfer, a source at HHS said on Wednesday.  

A worker arrives at the Department of Health and Human Services in Washington, October 1, 2013. REUTERS/James Lawler Duggan/File Photo

"While no HHS systems or networks were compromised, attackers gained access to data by exploiting the vulnerability in the MOVEit Transfer software of third-party vendors," a health department official familiar with the matter said.

Hackers behind the massive breach also claimed credit for stealing data from two major law firms, Kirkland & Ellis LLP and K&L Gates LLP.

The ransomware gang known as cl0p posted the names of Kirkland & Ellis LLP and K&L Gates LLP to its leak site, typically a sign that negotiations between the victims and the hackers had broken down.

The hackers' claims could not immediately be verified. Kirkland and K&L did not immediately return messages left after hours. A spokesperson for HHS could not immediately be reached.

HHS' name did not appear among cl0p's list of purported victims. The group has previously insisted it doesn't deliberately steal data from government organizations, but that doesn't mean that data hasn't been compromised.

Bloomberg earlier reported that HHS was affected by the hack, citing a person familiar with the incident at the department as saying that tens of thousands of records could have been exposed.

Cl0p didn't immediately return an email seeking comment.

Believed by researchers to be a Russian-speaking group of hackers, cl0p was recently able to gain access to a wide swathe of organizations' data by compromising MOVEit Transfer, a file commercial management tool made by Progress Software.

Speaking to Reuters ahead of the latest claims, Jon Clay, the vice president for threat intelligence at cybersecurity firm TrendMicro, described cl0p as a resourceful group with little incentive to stop its shakedown spree.

"They aren't going away," he said. "Unless the heat gets on them very bad."

(Reporting by Raphael Satter; Editing by Lincoln Feast)

[© 2023 Thomson Reuters. All rights reserved.]

Copyright 2022 Reuters. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.  Thompson Reuters is solely responsible for this content.

 

 

Back to top