- A hacker with the alias "Nam3L3ss" started leaking data from six companies
- The companies include Nokia, Bank of America, and others
- The data came from the MOVEit breach that happened more than a year ago
Hackers are still leaking sensitive information stolen via the MOVEit flaw, more than a year after it was first disclosed, experts have warned.
A threat actor with the alias “Nam3L3ss” recently started leaking sensitive data from six major companies to BreachForums: Xerox (42,735), Koch (237,487), Nokia (94,253), Bank of America (288,297), Bridgewater (2,141), Morgan Stanley (32,861), and JLL (62,349), The Register reports.
The publication further added that security researchers analyzed the data dump and confirmed its authenticity, adding that among the leaked information are people’s full names, phone numbers, email addresses, job addresses, employee badges, job titles, and usernames.
MOVEit files keep leaking
This is the type of information cybercriminals like most (apart from passwords and banking data, obviously), since it allows them to run phishing, identity theft, and similar attacks that can lead to ransomware, wire fraud, and more.
"This data is a goldmine for social engineering," Zack Ganot, chief strategy officer for Atlas Privacy said. "Knowing exactly what employee sits on which team, who they report to, what their badge number is, what building they work in, their organizational email and phone number – this is some wild stuff for an attacker looking to exploit an org."
MOVEit is a managed file transfer (MFT) tool, used by large companies to securely share sensitive files. In late May 2023, it was discovered that it had a flaw, which was successfully exploited by a Russian ransomware actor called Cl0p. This group used the flaw to exfiltrate sensitive data from hundreds of companies using MOVEit.
Among the victims were numerous high-profile organizations across various sectors, including US government entities (Department of Energy, Office of Personnel Management), educational institutions (Johns Hopkins University), private enterprises (Shell, British Airways, Ernst & Young), and many others. In total over 62 million individuals were directly affected, with the true number likely higher.
You might also like
- Amazon confirms employee data stolen after third-party MOVEit breach
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now