HQ/EMEAFind out how we can help your business
The Munich-based energy company, Siemens Energy, has confirmed that it lost data during a recent Clop ransomware attack using a zero-day flaw in the MOVEit Transfer platform. Based on reports, the company is currently home to more than 90,000 employees and has a $35 billion annual revenue.
The energy firm designs, develops and manufactures various industrial products, such as OCS, heat generation units, on and off-site energy delivery systems, renewable energy systems, and flexible power transmission solutions.
Moreover, the company provides several cybersecurity consulting services for the oil and gas industry. Its benefits include vulnerability assessment, patch management, and incident response plans.
The Clop ransomware group includes Siemens Energy in its data leak website.
Threat analysts spotted Siemens Energy in Clop ransomware’s data leak site. This detail indicates that the group has successfully stolen data from the company.
The ransomware group followed their usual tactic of extorting its targets. First, it lists the victim company’s name on its data leak website to pressure the company, followed by the eventual data leak.
A company spokesperson confirmed they suffered a data breach during the recent clop attack after the ransomware group exploited the MOVEit Transfer zero-day flaw. Fortunately, the company revealed that the group has yet to expose their data.
The company also added that the threat actors did not steal necessary details and have not impacted their business operations. The spokesperson also stated they had taken immediate action after spotting the attack on their networks.
The MOVEit Transfer file platform has caused significant disruption to numerous companies for months after its initial discovery. Another energy-related company, Schneider Electric, suffered a Clop ransomware attack after the attackers exploited its MOVEit Transfer systems.
This France-based multinational company has an annual revenue of over $37 million. The firm specialises in energy management and digital automation, and its primary products could provide various capabilities critical for several industries worldwide.
Experts believe more companies employing the vulnerable platform will soon confirm a data breach incident in their systems. Therefore, organisations should patch their MOVEit Transfer file systems to avoid being the next victim of the Clop ransomware group.
