The security breach of the MOVEit file transfer software, exploited by the Cl0p ransomware group, continues to generate a lot of buzz, with new companies and institutions being affected almost every week.
The consultancy Deloitte has joined the list, being the third of the ‘Big Four’ that has appeared on the leak page of the dark web of the aforementioned gang of cybercriminals.
Last month Cl0p claimed to have compromised the systems of other consulting giants, EY and PWC.
In his post, Cl0p claimed that the company did not care about its customers and had ignored their security, leading to the belief that hackers may have accessed their personal information.
Deloitte has openly acknowledged being affected by this incident, but has refuted the claims of the threat actors.
They also note that after the attack they took immediate steps to apply security updates in accordance with the vendor’s guidance to mitigate risks to their customers.
Deloitte also reportedly launched an investigation into the incident, determining that no data has been affected.
For now, the section dedicated to Deloitte on the Cl0p page does not yet have links to download files. This could indicate that the consultant is telling the truth. Or maybe things change in a few days and the ransomware group shows the supposed trump card it has up its sleeve.
CyberSec84 | Cybersecurity news. 
Leave a comment