Info from dozens of companies, millions of Americans compromised by Russian-speaking cybercrime group

More victims have emerged of a Russian-speaking cybercrime group whose recent spree includes stealing information from several federal U.S. agencies.

More victims have emerged of a Russian-speaking cybercrime group whose recent spree includes stealing information from several federal U.S. agencies.

The BBC, Shell, Johns Hopkins Health Systems, British Airways, the state of Illinois, and the departments of motor vehicles of Oregon and Louisiana all appear to have had their files stolen, according to various news releases.

The group, CL0P, is an established ransomware group, a type of organized cybercrime where hackers try to remotely extort victims by either remotely encrypting their data or stealing and threatening to publish files.

On Thursday, the Cybersecurity and Infrastructure Security Agency (CISA), a federal agency that advises the nation on cyberattacks and helps protect federal networks, said that multiple agencies had been affected by CL0P’s recent spree. Only the Department of Energy has said so far that it is a victim.

CL0P appears to have struck gold by identifying a flaw in MOVEIt, a computer program designed to help companies transfer files. Organizations using an outdated version of MOVEIt are susceptible to an attack where CL0P can scoop up files.