Russian-speaking Clop ransomware group gained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice. The security breach is the result of the MOVEit hacking campaign that took place this summer. The MOVEit campaign also targeted additional US agencies, including the Department of Health and Human Services, the Department of Agriculture, and the General Services Administration.
The news of the attacks on the government departments was reported by federal cybersecurity officers to the House Science, Space and Technology Committee in July.
A report written by the US Office of Personnel Management, and obtained through a Freedom of Information Act request, provides more details about the attacks.
The Office of Personnel Management labeled the security breach as a “major incident,” however, at the time the government agency downplayed the risk of homeland security because the compromised data was “generally of low sensitivity” and not classified.
The report confirmed that attackers gained access to the data by exploiting the MOVEit flaw in a system used by Westat Inc., which is a service provider of OPM.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)