
By Byron V. Acohido
It was bound to happen. Clop, the Russia-based ransomware gang that executed the MOVEit-Zellis supply chain hack, has commenced making extortion demands of some big name U.S. federal agencies, in addition to global corporations.
Related: Supply-chain hack ultimatum
The nefarious Clop gang initially compromised MOVEit, which provided them a beachhead to gain access to Zellis, a UK-based supplier of payroll services. Breaching Zellis then gave them a path to Zellis’ customer base.
According to Lawrence Abrams, Editor in Chief of Bleeping Computer, the Clop ransomware gang began listing victims on its data leak site on June 14th, warning that they will begin leaking stolen data on June 21st if their extortion demands are not met.
Among the victims listed were Shell, UnitedHealthcare Student Resources, the University of Georgia, University System of Georgia, Heidelberger Druck, and Landal Greenparks.
As for federal agencies, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed breaches due to this vulnerability. “CISA is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications,” said Eric Goldstein,