October 2, 2023

Gen Digital, the parent company of cybersecurity subsidiaries such as Avast and Norton, confirmed on June 20 that the personal information of its employees was compromised in yet another MOVEit ransomware attack

It has stated that it was affected by a ransomware attack in response to inquiries, confirming that personal information such as names, addresses, employee IDs, and email addresses were revealed.

Advertisements

As per the Gen Digital public notice, We use MOVEit for file transfers and have remediated all of the known vulnerabilities in the system. When we learned of this matter, we acted immediately to protect our environment and investigate the potential impact. We have confirmed that there was no impact to our core IT systems and our services and that no customer or partner data has been exposed, which further confirmed that it informed all parties that may have been affected, as well as data protection regulators.

The bug, a critical-severity SQL injection tracked as CVE-2023-34362, started out as a zero-day vulnerability that has been part of an exploitation campaign by Cl0p ransomware gang. The attack is ongoing even post-patch and has targeted more than 100 companies and organizations so far.

Tags:

Leave a Reply

You may have missed

McLaren Healthcare suffers a Ransomware Incident

October 2, 2023

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – September, 2023

October 2, 2023

TheCyberThrone Security Week In Review – September 30, 2023

October 1, 2023

Mozilla fixes CVE-2023-5217 Vulnerability in its Products

September 30, 2023

CISA KEV Update Part III – September 2023

September 30, 2023

Exim Mail Transfer Server Vulnerabilities

September 30, 2023
%d bloggers like this: