one of the largest mining companies Fortescue Metals became another victim of the Cl0p group

Australian iron ore mining company Fortescue Metals was cyberattacked ransomware group Clop. Hackers claimed responsibility for both the cyberattack and the theft of data from the company’s networks.

Fortescue confirmed the hack, calling it a “low-impact cyber incident,” which occurred on May 28. The company said that the disclosed information “was not of a confidential nature.” The attack resulted in “disclosing a small portion of data from the organization’s networks.”

Fortescue has notified the Australian Cyber ​​Security Center (ACSC) of the incident and has completed an internal investigation and remedial action.

“The company does not care about its customers, it has ignored their safety!!!,” Cl0p said in a post on the leak site.

Cl0p stated that no Fortescue documents or data have yet been released online, leaving Fortescue Metals open to negotiating a buyout. On their website, the Cl0p hackers stated that Fortescue has 7 days to negotiate before the attackers start publishing the stolen data.

At the moment, it is not known how the hackers penetrated the company’s network. However, experts from the Australian media assumed that cybercriminals could exploit the 0day vulnerability in MOVEit Transfer ( CVE-2023-34362 CVSS: 9.8). Experts say Cl0p hackers began to “test the ground” to attack MOVEit Transfer 2 years ago.

Fortescue Metals is the world’s fourth largest iron ore exporter with a market capitalization of almost $70 billion (as of 2015).

It should be noted that recently one of the largest banks in the world, Deutsche Bank became a victim of the Cl0p group . Bank customer data was compromised after hackers used the MOVEit Transfer vulnerability to infiltrate the system of the bank’s service provider Majorel.

Clop ransomware is responsible for two of the biggest attacks this year, each affecting more than 100 organizations. Both attacks exploited zero-day vulnerabilities in popular MFT-platforms. In January, the service became a victim of hackers. goanywhere from Fortra and at the end of May MOVEit Transfer from Progress Software.

In addition, two of the Big Four accounting firms, PwC and EY, launched an investigation into data breach incidents associated with the actions of the Clop hacker group. hackers demanded a ransom from companies for not publishing their internal data. The group used vulnerability in file transfer software MOVEit Transfer by Progress Software, which was discovered in May 2021.