Shell Investigates Ransomware Attack by the Cl0p Group

June 27, 2023

INCIDENT

Oil and Gas giant Shell ransomware attack conducted by the Clop gang exploiting a MOVEit zero-day vulnerability. The company is investigating the security breach and said that at this time the attack had no impact to its core IT systems.

The Clop ransomware gang claims to have hacked hundreds of companies. At the time of this writing, the Clop ransomware group already added 27 companies to the list of victims on its dark web leak site. The group claimed to have compromised the companies by exploiting the zero-day CVE-2023-34362.

In March 2021, Shell disclosed another data breach resulting from the compromise of an Accellion File Transfer Appliance (FTA) used by the company.

Incident Date

June 16, 2023

Location

United Kingdom

Estimated Cost

No cost values disclosed.

Victims

Royal Dutch Shell

Type of Malware

No Malware identified

Shell Investigates Ransomware Attack by the Cl0p Group

Incident Date

Location

Estimated Cost

Victims

Type of Malware

Threat Source

References

Industries

Impacts