One of the biggest gold and copper miners in the world is among the latest companies to be listed as victims of the vulnerability in Progress Sofware’s MOVEit file transfer platform, according to a cybersecurity researcher.
Brett Callow, Canadian-based threat researcher for Emsisoft, tweeted today that Barrick Gold Corp. of Toronto has been listed by the Clop/Cl0p ransomware and data theft gang as being among the companies it hit.
Neither Barrick’s CEO nor its press spokesperson have responded to requests for comment by press time. This story will be updated when they reply.
Two other victims were listed by Clop today, making the total number of publicly-reported victim organizations 193, according to Callow. It isn’t known how many of them paid to prevent their stolen data from being leaked either publicly or to other crooks.
Barrick, which says it is the largest gold producer in the U.S., posted net earnings of US$432 million on US$5.6 billion in sales in its last fiscal year, through its 15 gold and three copper mines in 12 countries.
The other organizations listed as victims today by Clop are Texas Dow Employees Credit Union and the Texas-based United Regional Health Care System.
Also today, Progress Software said that in response to customer demand for a regular update schedule, its MOVEit team has formalized a regular Service Pack program for all MOVEit products. “We expect to release a new Service Pack approximately every two months going forward,” the company said. “All details on major releases, service packs, including today’s release, and hot fixes can be found in the MOVEit Product Hub.
The first Service Pack is now available, and includes product and security fixes for supported versions of MOVEit Transfer. The Service Pack has also been applied to MOVEit Cloud. MOVEit Automation will be included in future Service Pack releases. Today’s release includes improvements to the MOVEit Transfer database, optimization of the installer, and fixes for three new CVEs.
A wide range of companies that either use MOVEit internally or through a service provider have acknowledged being victims. They include:
–the Metro Vancouver Transit Police department. The agency said this week 186 of its files were copied. That is a “limited number” of its files, the agency added. There were no details about what was in the files;
— Oregon’s Department of Transportation, which said data on 3.5 million residents of the state was copied. It can’t say specifically what was copied, but those with active Oregon ID or drivers’ licences should assume related information was involved;
–Louisiana’s Office of Motor Vehicles, which said all residents with a state-issued driver’s licence, ID or car registration had personal data copied. That includes their names, addresses, Social Security numbers;
—the New York City public school system, which said personal data of more than 45,000 students and staff were copied.
