CL0P Targets Healthcare Sector, Claims Hinduja Group Cyber Attack And 23 Others

Jul 27, 2023

In yet another alarming cyber incident, the Hinduja Group, a prominent Indian transnational conglomerate operating in multiple sectors, has fallen victim to a cyber attack.

The alleged Hinduja Group cyber attack, carried out by the notorious CL0P ransomware group, has also affected several other companies across various industries.

At present, there has been no official statement or response from the business conglomerate regarding the Hinduja Group cyber attack.

The Hinduja Group, with its extensive presence in eleven major sectors, including automotive, oil and speciality chemicals, banking and finance, and many more, has become a high-profile target for cybercriminals.

The alleged Hinduja Group cyber attack, which occurred on July 26, 2023, adds the organization to the list of 24 new victims identified by the CL0P ransomware group on their leak site.

The victims primarily belong to the Healthcare, IT & ITES, and BFSI sectors, with a significant number of them based in the United States.

Hinduja Group cyber attack and other data breaches explained 

The list of impacted organizations is quite extensive, including prominent names such as Hill-Rom Holdings Inc, Arrow Electronics Inc, Maximus Inc, SBM Offshore N.V., Ferring B.V., Chevron Federal Credit Union, FANUC America Corporation, Gensler, Medical College of Wisconsin, Smurfit Kappa Group plc, Garett Motion Inc, and, of course, the Hinduja Group.

According to sources, this alleged cyber attack by the ransomware group has impacted the North America (NA),Europe (EU),Asia & Pacific (APAC) region, with major focus on United States, Netherlands, Switzerland, India and Ireland.

The Hinduja Group cyber attack seems to have happened recently, and may be linked to the MOVEit vulnerability, where the CLoP ransomware exploited a vulnerability in the file-sharing platform, wreaking havoc on organizations around the world. 

Coveware, a leading cybersecurity firm, estimates that the CL0P ransomware gang may earn up to $100 million from their latest data extortion campaign, as some victims have already paid significant sums to the group.

The growing menace of the CL0P ransomware group has been attributed to their ability to exploit zero-day vulnerabilities, such as the one found in the MOVEit file transfer software.

This tactic has emerged as a response to the increasing difficulty in monetizing traditional ransomware attacks, as reported by Coveware. 

MOVEit Data Breach: Over 20 Million Individuals Impacted

The Cl0p ransomware attack on MOVEit has affected approximately 20 million individuals, though the actual number may be higher. 66 disclosures have been made, implicating 384 organizations, yet to confirm their status.

Among them, the financial services firm 1st Source Corporation confirmed its impact. The attack count rose from 19,879,769 to over 20 million.

Of the total, 54 government agencies, 70 schools, 20 public sectors, and 31 international public sectors were affected. Some companies refuse ransom payments to discourage cybercriminals, while others comply.

“To rapidly detect and respond to dynamic situations like this, organizations must fully understand their attack surface and cyber risk,” said a Trend Micro report on the situation.

Attempting to achieve this with numerous individual security elements increases the likelihood of gaps in awareness and delays in addressing critical issues.

As concerning as this situation is, it remains unclear whether the Hinduja Group cyber attack and the data breaches of the other 23 victims are directly related to the MOVEit vulnerability exploitation.

The dark web post providing information about the attacks did not mention any specifics about the vulnerability other than identifying the Clop ransomware gang as the perpetrators behind the Hinduja Group cyber attack and other similar incidents.

The Cyber Express has reached out to the organizations listed by the ransomware group. Updates on the situation will be promptly provided once responses are received from the organizations.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

Get Free Report & Network Analysis

Please check your email for the free report.