Shell, the energy company, has acknowledged that its employees’ personal data has been compromised due to the recent hack on MOVEit Transfer. The cybercriminal group known as Cl0p used a previously unknown vulnerability in the MOVEit managed file transfer (MFT) software to illicitly access data from approximately 130 organizations utilizing the platform.
It is estimated that around 15 million individuals have been affected thus far. The hacker group, believed to have ties to Russia, has begun publicly identifying victims who refused to negotiate on their leak website, and Shell was one of the initial targets.
The specific nature of the compromised information remains uncertain, but those affected are being informed accordingly.