Hackers have managed to penetrate TomTom’s internal systems and steal a large amount of data. The perpetrators exploited a vulnerability in the application MOVEit Transfer. Which data the attackers managed to get their hands on, the navigation company leaves in the middle.
TomTom confirms the data theft to the ANP news agency.
‘No negative material impact’
Twitter channel FalconFeedsio said on Tuesday that Russian hacker group Clop had put new names on their victim list. One of the names the hackers mentioned was TomTom. The attackers claim that they stole 82 GB of company data. The hacker collective does not want to say what kind of data it concerns.A spokesman for TomTom tells ANP that cybercriminals have gained access to the company’s internal systems. He emphasizes that “the door is closed” and that no data that could have a “negative material impact on TomTom or its customers” has been stolen. This would appear from preliminary research by cybersecurity experts hired by the navigation company.The spokesperson does not want to say what kind of data the hackers stole. He does want to say that TomTom has reported the data breach to the Dutch Data Protection Authority.
Hacker group makes many victims
The hackers managed to penetrate TomTom’s systems by exploiting a vulnerability in MOVEit Transfer, an application that many companies and organizations use to exchange files. At the end of May, developer Progress announced that the software contained a zero-day exploit. This allowed hackers to access company systems and steal confidential data.Hacker group Clop claims to have attacked “hundreds” of companies and organizations by exploiting this vulnerability. Dozens of authorities have already confirmed this, including airlines British Airways and Aer Lingus, pharmacy chain Boots, the British broadcaster BBC, the government of the Canadian province of Nova Scotia, the British payroll company Zellis, the University of Rochester, the University of Georgia, investment fund Putnam, various US banks and Gen Digital.TomTom is not the only Dutch company that has fallen victim to Russian hackers. In June, Landal GreenParks warned that the names and personal data of 12,000 holidaymakers may have been leaked. Furthermore, Shell confirmed that hackers exploited the vulnerability in MOVEit Transfer to steal data. No major IT systems were compromised in the attack. “Our IT teams are conducting an investigation. We do not communicate with the hackers,” the spokesperson said.
Another three serious vulnerabilities discovered in MOVEit Transfer
It is difficult to say how many companies and organizations are affected by the vulnerability in MOVEit Transfer. A security researcher at Emsisoft, Brett Callow, suspects that at least 280 companies are currently involved. The personal data of more than 17.7 million people were allegedly stolen.Progress recently warned that security specialists had again found three critical vulnerabilities in MOVEit Transfer. The developer recommends that customers install the latest Service Pack immediately.