By Raphael Satter
WASHINGTON (Reuters) – The U.S. Department of Health and Human Services (HHS) was among those affected by a wide-ranging hack centered on a piece of software called MOVEit Transfer, Bloomberg News reported on Wednesday.
The report comes as the hackers behind the massive breach claimed credit for stealing data from two major law firms, Kirkland & Ellis LLP and K&L Gates LLP.
The ransomware gang known as cl0p posted the names of Kirkland & Ellis LLP and K&L Gates LLP to its leak site, typically a sign that negotiations between the victims and the hackers had broken down.
The hackers’ claims could not immediately be verified. Kirkland and K&L did not immediately return messages left after hours. A spokesperson for HHS could not immediately be reached.
HHS’ name did not appear among cl0p’s list of purported victims. The group has previously insisted it doesn’t deliberately steal data from government organizations, but that doesn’t mean that data hasn’t been compromised.
Bloomberg cited a person familiar with the incident at HHS as saying that tens of thousands of records could have been exposed.
Cl0p didn’t immediately return an email seeking comment.
Believed by researchers to be a Russian-speaking group of hackers, cl0p was recently able to gain access to a wide swathe of organizations’ data by compromising MOVEit Transfer, a file commercial management tool made by Progress Software.
Speaking to Reuters ahead of the latest claims, Jon Clay, the vice president for threat intelligence at cybersecurity firm TrendMicro, described cl0p as a resourceful group with little incentive to stop its shakedown spree.
“They aren’t going away,” he said. “Unless the heat gets on them very bad.”
(Reporting by Raphael Satter; Editing by Lincoln Feast)
