CL0P hacking group hits Swire Pacific Offshore
The multinational conglomerate Swire Pacific Offshore (SPO) announced that it had been the victim of a cyberattack in which “confidential proprietary information” as well as personal information was allegedly stolen.
Details of the attack are unclear, but some suggest that it was attacked by the CL0P ransomware group.
SPO has not confirmed whether the attack involved ransomware, but CL0P has since updated its blog, claiming that it breached SPO’s systems.
Full names, locations, phone numbers, company name, bank details, email addresses and passport scans are among the stolen data seen by Computer pro.
The employees who appear to be the most affected are based in Singapore and Malaysia, but some cases belong to staff in the UK, China and the Philippines.
Other stolen files have names referring to payment advices, mailbox backups, miscellaneous archives and other personal files.
The company is the maritime services division of conglomerate Swire and has confirmed that the attack did not affect its global operations.
“SPO has taken immediate action to strengthen existing security measures and mitigate the potential impact of the incident,” he told IT pro. “It takes seriously any cyberattack or illegal access to data or any illegal action that could potentially compromise the confidentiality or confidentiality of the data and will not be threatened by such actions.
“SPO has reported the incident to the appropriate authorities and will work closely with them with respect to the incident. SPO is contacting potentially affected parties to inform them of the incident.”
Dark web monitoring firm SOS Intelligence drew attention on Wednesday to the CL0P ransomware blog adding Swire Pacific Offshore to its list of victims.
CL0P is a sophisticated ransomware gang behind several recent high-profile hacks.
In February of this year, Donald Trump’s former law firm Jones Day was attacked by CL0P, with reports suggesting files were stolen and posted online, much as in the SPO hack, but the law firm denied the violation.
CL0P is also believed to be behind the month-long attack on Accellion’s file transfer application (FTA) product, also in February 2021. The attack exploited several zero-day flaws in the legacy IT product, and Canadian airline Bombardier was one of its most publicized victims.
A few months later, global investment bank Morgan Stanley revealed that personal information belonging to its corporate clients was accessed and stolen in the same Accellion data breach.