Vulnerability cyber

Johns Hopkins University

May 8, 2024 1 min read
Johns Hopkins University

Johns Hopkins University, a prestigious institution based in Baltimore, alongside its renowned health system, reported a significant cybersecurity incident impacting its operations. The attack exploited a vulnerability in MOVEit, a widely-used software for secure data transfer. The breach resulted in the possible theft of sensitive personal and financial information, including health billing records belonging to the university and its health system's networks. This incident is part of a larger global cyberattack attributed to the Russian ransomware gang, Clop, which targeted numerous organizations, including federal and state agencies, private companies, and other educational institutions. Clop's activities have raised concerns over the security of critical data and the effectiveness of existing cybersecurity measures against sophisticated ransomware attacks.

Source: https://www.cnn.com/2023/06/16/tech/clop-ransomware-attack-explainer/index.html

TPRM report: https://scoringcyber.rankiteo.com/company/johnshopkinsuniversity

"id": "joh105050824",
"linkid": "johnshopkinsuniversity",
"type": "Vulnerability",
"date": "06/2023",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Education',
                        'location': 'Baltimore',
                        'name': 'Johns Hopkins University',
                        'type': 'Educational institution'},
                       {'industry': 'Healthcare',
                        'location': 'Baltimore',
                        'name': 'Johns Hopkins Health System',
                        'type': 'Healthcare institution'}],
 'attack_vector': 'Exploit of vulnerability in MOVEit software',
 'data_breach': {'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal information',
                                              'Financial information',
                                              'Health billing records']},
 'description': 'Johns Hopkins University and its health system experienced a '
                'cybersecurity incident involving a vulnerability in MOVEit '
                'software, potentially leading to the theft of sensitive '
                'personal and financial information.',
 'impact': {'data_compromised': ['Sensitive personal information',
                                 'Financial information',
                                 'Health billing records'],
            'systems_affected': ['University network',
                                 'Health system network']},
 'motivation': 'Financial gain, data theft',
 'ransomware': {'ransomware_strain': 'Clop'},
 'threat_actor': 'Clop ransomware gang',
 'title': 'Johns Hopkins University Cybersecurity Incident',
 'type': 'Ransomware',
 'vulnerability_exploited': 'MOVEit software vulnerability'}
Published by
Jeremy C
Jeremy C
You might also like
Vulnerability cyber

Apple

public 1 min read
A zero-click attack leveraging a newly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon&…
Jeremy C Jeremy C
Vulnerability cyber

Apache2

public 2 min read
A critical zero-day vulnerability (CVE-2025-33053) in WebDAV implementations allows remote code execution. Advanced persistent threat (APT) groups have actively exploited…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.