U.S. Energy Giant Reveals MOVEit Hack Exposed Stolen Data.

PLL Electric Utilities has confirmed that sensitive information was leaked online following an attack on an external vendor during the MOVEit incident. According to a company spokesperson, the compromised data includes basic information such as name, address, phone number, email address, and account number. However, no banking information, credit card details, Social Security numbers, or account passwords were leaked, as PPL did not share that data with the affected vendor. Despite this, the exposed information could be utilized in phishing attacks, identity theft, and social engineering.

The company emphasized that this issue is not related to its own systems or critical infrastructures in any of its service areas. The 2023 MOVEit attack was a massive cyberattack that exploited a zero-day vulnerability in the Moveit Managed File Transfer software, developed by Progress Software, which was detected in late May 2023. This flaw allowed attackers to perform SQL injections and gain unauthorized access to sensitive data.

The ransomware group known as Cl0p has been identified as responsible for exploiting this vulnerability to steal information from numerous organizations worldwide. In total, the attack affected more than 600 entities and approximately 40 million individuals, including government agencies, financial institutions, healthcare providers, and large corporations. Among the victims are U.S. federal agencies, British Airways, Shell, and BBC. It is estimated that the Cl0p group extorted between $75 million and $100 million, despite only a small percentage of the victims choosing to pay the ransom.