Johns Hopkins University recently reported a cyber attack on its website, confirming a data breach. Both the university and Johns Hopkins Health Systems are currently investigating the incident. This cyber attack on Johns Hopkins University is directly linked to the MOVEit data breach, which affected several of MOVEit’s clients.
The Cl0p ransomware group has claimed responsibility for the MOVEit cyber attack and initially set a deadline of June 12 for their demands. However, this deadline was later shifted to June 14. When questioned about the timing of the breach, Johns Hopkins University responded by stating that it occurred on May 31. The university swiftly implemented measures to protect their systems, and their cybersecurity team is actively working with experts and law enforcement to assess the extent of the compromised information.
The exact details of the data stolen by the Cl0p ransomware group have not been disclosed yet. However, the university’s data breach notice indicated that sensitive personal and financial information may have been compromised. This stolen data may include names, contact information, and health billing information. Despite the cyber attack, the operations of both the university and healthcare system have not been negatively impacted.
In response to the data breach, Johns Hopkins University will be notifying individuals who have been affected by the incident. Additionally, the university’s website has remained operational following the cyber attack.
The Cl0p ransomware group has targeted multiple companies through the MOVEit Transfer security breach. Several UK-based companies, including the BBC, British Airways, and Boots, were named as victims on the hacker’s website. It’s worth noting that not all the organizations mentioned were solely affected by the MOVEit cyber attack. For example, the hackers gained access to the payroll service provider Zellis through MOVEit and misused data from other clients.
Johns Hopkins University is not the only recent victim of the MOVEit cyber attack. The Cl0p ransomware group has also claimed to have attacked the University of Georgia and Ernst & Young. However, it is still uncertain whether these organizations were involved in the MOVEit attack or if they were targeted separately. Contrary to the hackers’ threat of leaking data on June 14, no data has been reported as leaked at this time. Cl0p has stated that they will wait another seven days before leaking data from the named organizations.
Cybersecurity researchers have been actively discussing the Moveit cyber attack and the added victims on social media. Screenshots of Cl0p’s dark web portal and the names of additional victims have been shared. However, the authenticity of these claims has not been proven, and it is important to treat this information with caution until verified.
The Cl0p ransomware group has previously targeted other file transfer service providers, such as Fortra’s GoAnywhere and Accellion. These incidents highlight the importance of file transfer service providers having robust teams to identify and patch vulnerabilities to prevent future attacks from groups like Cl0p.
It’s important to note that the information provided in this report is based on internal and external research obtained through various means and is for reference purposes only. Users should take full responsibility for their reliance on this information, and the Cyber Express assumes no liability for its accuracy or any consequences resulting from its use.