USDA investigates potential data breach linked to MOVEit hack

The US Department of Agriculture (USDA), responsible for managing federal nutrition, forestation, and farming programs, is investigating a potential data breach involving a department contractor. The breach is believed to be linked to a vulnerability in the widely-used MOVEit file transfer tool. The vulnerability (CVE-2023-35708) could grant hackers escalated privileges, potentially allowing unauthorized access to victims’ environments.

The USDA spokesperson has indicated that the hacking group known as Clop may be responsible for the incident. However, the spokesperson did not provide immediate details regarding the number of affected USDA employees or the specific services provided by the contractor.

In response to the possible breach, the USDA has affirmed its awareness and commitment to addressing the issue. The spokesperson stated that if any employees’ data has been affected, they will be contacted and provided with appropriate support.

The MOVEit vulnerabilities have created a wave of incidents, leading to numerous data breaches across different organizations. This includes several federal agencies impacted by cyberattacks related to MOVEit.

While federal agencies have not reported receiving specific demands, various corporate victims have disclosed ransom demands reaching millions of dollars. According to a report from an individual with direct knowledge of negotiations between Clop and its victims, the hackers have demanded sums exceeding $100 million from at least one corporate victim.