Ofcom

Ofcom

The MOVEit file transfer zero-day vulnerability was used by the Clop ransomware campaign to compromise the data of UK communications regulator Ofcom.

The ransomware group had access to private data that Ofcom had on the companies it monitors, a representative for the regulator told The Record.

According to the organization, they took immediate action to stop further usage of the MOVEit service and to put the suggested security measures into place.

A SQL injection vulnerability exists, and it might be used by an unauthenticated attacker to access the database of MOVEit Transfer without authorization.

Source: https://securityaffairs.com/147396/data-breach/ofcom-hacked-moveit-zero-day.html

"id": "OFC73619923",
"linkid": "ofcom",
"type": "Ransomware",
"date": "06/2023",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.