Procter & Gamble (P&G) is the latest organization to see sensitive employee data stolen by the Clop ransomware group.
The consumer giant has confirmed it has been compromised in a statement given to beep computer “We can confirm that P&G is one of many companies affected by Fortra’s GoAnywhere incident.”
“As part of this incident, an unauthorized third party obtained information about P&G employees,” Procter & Gamble told the publication.
long list of victims Although the company did not name Clop as the culprit in the incident, the ransomware gang’s security exploits quickly became known. (opens in new tab) Fortra’s secure file-sharing tool was flawed, compromising sensitive data for dozens, if not hundreds, of companies.
So far, Clop has added dozens of organizations to the data breach site, including Hitachi Energy, Hatch Bank, and Saks Fifth Avenue, with the hackers claiming to have compromised 130 organizations, but they are all still compromised. Not listed.
In this particular incident, P&G said no payment data was obtained.
“The data obtained by the unauthorized party did not include information such as social security or national identification numbers, credit card details or bank account information,” the company said.
“When we learned of this incident in early February, we immediately investigated the nature and scope of the matter and revoked it. [the] Use of Vendor’s Services and Notified Employees. ”
There is no evidence that Clop stole customer data, P&G added, concluding that the company’s business operations “continue as usual.”
Some sources claim Clop is a ransomware operator with ties to the Russian Federation. There is no information about how much the group will demand in exchange for not publishing the data online.
“We would like to inform you that we have stolen important information from your GoAnywhere MFT resource and have attached a complete list of files as proof,” the group said in a ransom note, according to media reports.
“We deliberately did not disclose your organization and wanted to negotiate with you and your leadership first.If you ignore us, we will sell your information on the black market and Publish it on a blog that gets 30,000 to 50,000 unique visitors per day..”
Via: BleepingComputer (opens in new tab)
websitebuildersnow
GIPHY App Key not set. Please check settings