Ransomware, Vulnerability Management, Breach

Purported Cleo hack victimization refuted by some firms

Some of the 59 organizations allegedly compromised by the Clop ransomware operation through the exploitation of vulnerable Cleo file transfer instances have purported the breach claims as the ransomware gang threatened to expose the firms' data by Saturday, TechCrunch reports.

While major German manufacturer Covestro confirmed having its U.S. logistics server's data impacted by the Clop hack, leading U.S. car rental firm Hertz, Western Alliance Bank, and Arrow Electronics disclosed the lack of any evidence suggesting that their respective systems have been compromised as a result of the incident. "Out of an abundance of caution, we are continuing to actively monitor this matter with the support of our third-party cybersecurity partner," said Hertz spokesperson Emily Spencer. Moreover, Australian logistics company Linfox, also listed by Clop as one of the attack's victims, said that it has neither leveraged Cleo software nor experienced any cyberattacks. On the other hand, BlueYonder dismissed the association between a November cybersecurity incident and the Cleo compromise.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds