A cyber attack targeting Majorel Germany has been linked to an exploit in the MOVEit software, according to reports. The attack took advantage of an SQL injection vulnerability that had been previously exploited before the company issued a notification about it on May 31. Customers of the software were advised to check for signs of unauthorized access over the past 30 days.
At the time of the attack, there were approximately 2,500 instances of MOVEit Transfer exposed to the public internet, with the majority being located in the United States. The cyber attack has been attributed to the Russia-based Clop ransomware gang.
Deutsche Bank, however, has assured customers that its systems were not affected by the attack. In a statement, the bank revealed that the incident occurred before the vulnerability in the MOVEit software became public. It stated that only a single system running the software in Germany was impacted.
The data leak at the account switching service provider has also impacted other German banks, including Postbank, Comdirect, and ING. According to German news outlet Handelsblatt, a low four-digit number of customers who used the statutory account switching assistance when opening a current account with ING are affected. Commerzbank has confirmed that customers of its Comdirect brand were also affected by the data leak.
The cyber attack and data breach have raised concerns about the security of financial institutions and their customers. The SQL injection vulnerability in the MOVEit software highlights the importance of promptly addressing and notifying users about potential vulnerabilities. Companies should take proactive measures to secure their systems and regularly update their software to protect against cyber attacks.
In response to the incident, it is crucial for organizations to conduct thorough investigations to determine the extent of the data breach and any potential compromise of customer information. Additionally, affected banks must take steps to notify and support their customers, including offering assistance in resolving any potential issues arising from the data leak.
The incident serves as a reminder for all businesses and individuals to remain vigilant about cybersecurity. It is essential to regularly update software, employ strong passwords, and utilize encryption techniques to protect sensitive information. Furthermore, organizations should consider implementing comprehensive cybersecurity measures, including conducting regular security audits and training employees to recognize and respond to potential threats.
The cyber attack on Majorel Germany and the subsequent data leak at the account switching service provider have highlighted the ongoing challenges and risks associated with cybersecurity. It is imperative for organizations to remain proactive in their efforts to protect sensitive data and ensure the safety of their customers. By investing in robust security measures and staying informed about the latest threats and vulnerabilities, businesses can minimize the risk of cyber attacks and protect their reputation and customer trust.