Cyber Resilience

MOVEit Transfer mass-exploitation (Cl0p) (MOVEIT-2023)

Supply-chain compromise · disclosed 2023-05-31 · region: International · primary attribution: Clop

Sectors touched: Information · Credit Intermediation & Related Activities (Banking) · Educational Services · Health Care & Social Assistance · National Security

Cl0p exploited a zero-day SQL injection in Progress Software's MOVEit Transfer to exfiltrate data from ~2,700 organisations including US OPM, US DOE, state governments, BBC, BA, Shell. Largest mass-exploitation campaign of 2023.

Supply-chain flow

ATTACKERCOMPROMISED VENDORDOWNSTREAM VICTIMSClopClopProgress SoftwareProgress Software~2,700 organisations~2,700 organisations

Trojanised Progress Software reached ~2,700 organisations downstream.

Named victims

CVEs linked to this incident

Linked sources

This canonical entry pulls together coverage from the other data layers — curated narrative above; raw sources below.

Sources

« All landmark incidents  ·  All actors  ·  All victims