The Unprecedented Cyber-Breach That Targeted the Global Giants like PwC, Medibank
The authorities confirmed that two of the Big Four, PwC and EY, were caught in a massive security breach in late May. CL0P, the infamous hacker group in Russia, used the third-party software platform MOVEit to gain access to sensitive data from other well-known organizations as well.
This is the same notorious hacker group that orchestrated two other cyber-attacks in the last three years. They have previously demanded ransom or released sensitive information online after their attacks. CL0P also published an official statement on the website which says, “Pay attention to avoid extraordinary measures to impact your company.”
A spokesperson for PwC Australia confirmed that they use the file-sharing platform MOVEit for some of their clients. They also said that they stopped using the software after the breach and have opened an investigation regarding the data that has been exposed.
PwC claims that its internal IT systems haven’t been compromised by the breach and that the attack had a very “limited impact” on the company. It is also in contact with the clients whose information was breached and is looking into the matter for future consequences.
Previously, another file-sharing software named GoAnywhere was compromised in Australia, which had an impact on Crown Resorts, the biggest casino operator in Australia. Crown Resorts later claimed that although there was a ransomware demand, no personal information was released. But investigations suggested that the hacker got access to some Crown files, which were released on the dark web.
This cyber-attack couldn’t have come at a worse time, since PwC is still recovering from a tax scandal that took place earlier in 2023, in which confidential tax information was released. Several partners have resigned after the incident, and the company is temporarily banned from taking on government projects.
The spokesperson also added that the company’s priority has always been to secure its data and that it will continue to use “the right resources and safeguards in place” to protect it from further network breaches.
On the other hand, its rival EY claims that although it uses the same software for file transfers, most of its systems weren’t affected by the breach. It has been following up with its clients and the authorities and is still investigating the matter.
Medibank, Australia’s largest private health insurance company, was also affected by the attack; it reported that a file containing private information about its staff was breached. The file had email IDs, contact numbers and other details of the staff, but it did not contain their bank details or home addresses, Medibank told Reuters. Its systems, however, were not affected by the data breach.
This is the second consecutive cyber-attack on Medibank. In October of last year, the data of 9.7 million of its customers was compromised, and the legal disputes over that breach are still in progress.
Some cybersecurity subsidiaries like Norton and Avast also revealed that their client information was compromised by this cyber-attack. Authorities say that more than 100 companies and organizations have been affected so far.
The file transfer service MOVEit is owned by Progress Software, which has said that it contained the vulnerability within 48 hours of the attack.