(Dmytro “Henry” Aleksandrov, Headline USA) Email addresses of about 632,000 U.S. federal employees at both the Department of Defense [DOD] and the Department of Justice were accessed by a Russian-speaking hacking group as part of the sprawling MOVEit hack that happened last summer.
New details about a cyberattack in which hackers exploited flaws in MOVEit, a popular file-transfer tool, were provided in a new report on the wide-ranging attack that was obtained through a Freedom of Information Act request by the U.S. Office of Personnel Management [OPM], according to Bloomberg News.
Even though government agencies were compromised by the attack, they neither provided enough information on the scope of the attack nor named the agencies affected, federal cybersecurity officers previously said.
In a July report on the incident submitted to a congressional committee, the OPM said that an unauthorized actor obtained access to government email addresses, links to government employee surveys administered by the OPM and internal OPM tracking codes.
Both the DOJ and the DOD employees were impacted. Among the various parts of the DOD that were affected were the U.S. Air Force, U.S. Army, U.S. Army Corps of Engineers, the Office of the Secretary of Defense, the Joint Staff and Defense Agencies and Field Activities.
The hack that occurred on both May 28 and May 29 was characterized as a “major incident” by the OPM. The office also said that it didn’t have a reason to believe the attack posed a significant risk, adding that the compromised data was “generally of low sensitivity” and not classified.
The U.S. Department of Health and Human Services, the Department of Agriculture, and the General Services Administration also said that they were previously affected by the MOVEit breach. In addition to that, the Energy Department received ransom requests from the hackers themselves after two of its entities fell victim to the intrusions.
The attack was blamed on a hacking gang called Clop, or Cl0p [“bed bug” in Russian]. As of Oct. 31, 2023, more than 2,500 organizations have been impacted, according to Brett Callow, a threat analyst at the cybersecurity firm Emsisoft.
A government services provider Maximus Inc. and the Louisiana Office of Motor Vehicles were also the victims of the hackers, Emsisoft said.
“Whatever happened to us being #1 in the world? Hacked into the DoD email system? What’s next? Into the White House?” one person on Twitter wrote.
