Gen Digital, the parent company of antivirus companies such as Norton, Avast, Avira and AVG, has been attacked by hackers. The Russian hacker group Clop claims responsibility for the cyber attack and says it stole employee data. A spokesperson for Gen Digital says the attackers have not infiltrated any major IT systems.
He confirms this to SecurityWeek.
Gen Digital latest victim of MOVEit Transfer exploit
The hackers exploited an unpatched zero-day exploit in MOVEit Transfer, a file-sharing application. At the end of May, Progress warned of a severe vulnerability. Malicious people could steal confidential and privacy-sensitive data through the leak. The software developer and the National Cyber Security Center (NCSC) advised to close the vulnerability as soon as possible.
The Russian hacker group Clop says it has attacked “hundreds of companies” via the exploit in MOVEit Transfer. One of the victims is Gen Digital. The hacker collective added the name of the American technology company to their list of victims this week.
Russian hackers steal private data of employees and temporary workers.
A spokesperson for the company confirms to SecurityWeek that hackers have exploited the vulnerability in MOVEit Transfer to penetrate internal systems. No core systems were compromised, but the personal data of employees and temporary workers were captured. This includes names, e-mail addresses and ID numbers, and residential addresses and dates of birth in a limited number of cases.
“We immediately investigated the extent of the problem. Relevant data protection authorities and our employees whose data may have been compromised have been notified of the incident,” said a spokesperson. He also states that Gen Digital’s IT employees have taken immediate measures to protect the digital work environment.
Many victims due to vulnerability MOVEit Transfer
Gen Digital is undoubtedly not the only victim who has had confidential data stolen through the vulnerability in MOVEit Transfer. Earlier, airlines British Airways and Aer Lingus, pharmacy chain Boots, the British broadcaster BBC, the Canadian province of Nova Scotia government, the British payroll company Zellis and the University of Rochester said that hackers had stolen data via this application.
Landal GreenParks informed about 12,000 visitors earlier this month that hackers may have stolen their data. Although Landal had not received any concrete threats from the attackers, it did warn customers to be alert to scams such as phishing and helpdesk fraud.
Last week, Shell said the company was also affected by the vulnerability in MOVEit Transfer. A spokesperson said that “a number of Shell employees and customers” use the application to send files. In its own words, there were no indications that hackers had penetrated important IT systems and stolen data.