Clop (or Cl0p) ransomware gang
Threat Actor
Multiple Accellion FTA customers suffered attacks from UNC2546 and have received extortion emails threatening to publish stolen data on the “CL0P^_- LEAKS” .onion website.
The Clop ransomware gang are behind the 2023 MOVEit Transfer data-theft attacks.
Incidents Associated with this Threat
- July 18, 2023: Cosmetic’s Giant Estée Lauder Suffers Breach
- July 1, 2023: AON MOVEit Hack affects Dublin Airport Staff Data
- June 27, 2023: Siemens Energy AG Confirms Ransomware Attack
- June 21, 2023: First Merchant Bank also Confirmed Databreach as Result of MOVEit Hacks
- June 16, 2023: Shell Investigates Ransomware Attack by the Cl0p Group
- June 7, 2023: Boots also Victim MOVEit Software Hack at Zellis
- June 7, 2023: BBC Victim of MOVEit Software Hack at Payroll Service Provider Zellis
- June 5, 2023: MOVEit Transfer data breach at Zellis affect
- May 30, 2023: Schneider Hit In MOVEit Transfer Zero Day
- May 30, 2023: MOVEit Campaign Continues Affecting <900 Schools in Almost Every US State.
- February 4, 2023: Proctor & Gamble Confirms Data Theft
- August 15, 2022: UK Water Utility Suffers Cyberattack
- March 16, 2021: Shell A Victim In Accellion Incident
- February 23, 2021: Jet Maker, Bombardier, Victim In Accellion Attack
- February 11, 2021: Accellion-related Data Breach Reported by Singtel
- December 25, 2020: Accellion-related Data Breach Reported by QIMR Berghofer
Malware Used by this Threat Actor
No malware identified for this threat actor.