back to article Medical files of 8M-plus people fall into hands of Clop via MOVEit mega-bug

Accounting giant Deloitte, pizza and birthday party chain Chuck E. Cheese, government contractor Maximus, and the Hallmark Channel are among the latest victims that the Russian ransomware crew Clop claims to have compromised via the MOVEit vulnerability. Deloitte confirmed an intrusion but declined to answer The Register's …

  1. Anonymous Coward
    Anonymous Coward

    Just out curiosity..

    .. which OS were they all using?

    Yeah, thought so. Let's not talk about it, shall we, because we wouldn't want to actually solve the problem now, would we?

    1. katrinab Silver badge
      WTF?

      Re: Just out curiosity..

      Does it matter? SQL injection vulnerabilities can happen on any OS, even OpenBSD.

  2. Anonymous Coward
    Anonymous Coward

    Dear clop

    Can you tell me why my bank account was closed.

    After a huge run around the bank says they can’t tell me.

    Given the time wasted trying to get a meaningful answer I suspect I’d save money by paying you a modest sum for the information my former bank holds on me.

    Regards

    A Coward

    1. Dimmer Silver badge

      After a huge run around the bank says they can’t tell me.

      Stand operating procedure

      Had the same issue. Customer lost funds supposedly via pilfered online banking login.

      Requested a log of time, date, and ip address. I know it is available, worked at a bank at one time.

      End point, bank refunded the 1.4mil and gave no answer.

  3. robert lindsay
    FAIL

    I worked for Maximius, to call them a shitty company is to insult shitty companies. On the downside, my info is probably in there.

  4. Anonymous Coward
    Anonymous Coward

    Why is this stuff internet accessable?

    SQL injections and private databases facing the internet?

    REALLY?

    1. t245t Silver badge
      Terminator

      Re: Why is this stuff internet accessable?

      > Why is this stuff internet accessable?

      It was a cheap hacked together solution done by some final year computer student and used HTTP for certain control functions.

      > SQL injections and private databases facing the internet?

      The kid shoulda used stored procedures and disabled all webable anything. And assume the app would be hit with all known attacks. They did try and hack their own app, didn't they?

      They do make a good video: MOVEit secure managed file transfer

      If the modem was locked down then this might not have happened. But then again they appear to be using a browser at the client end. They should strip-out everything apart from the GUI and replace it with SFTP and use peer-to-peer file transfer so as nothing is stored on the mothership. Apart from a token file transfer recent.

    2. katrinab Silver badge
      Alert

      Re: Why is this stuff internet accessable?

      Because it was sold as being more secure than sending email attachments.

      It is not, because if you can access the email, you can access the download link and authentication details. This just increases the attack surface.

  5. FlamingDeath Silver badge
    Flame

    Hey Mum look I made a software

    Thats cute Bobby Jnr, what does it do?

    It does (a) and (b) it’s amazing

    What else does it do…..?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like