June 21, 2023

The Clop ransomware gang has claimed that it does not have data belonging to U.K. organizations like BBC, BA, and Boots, who were thought to be victims of a mass hack caused by exploitation of a critical vulnerability in the MOVEit file-transfer tool through Zellis.

According to the Clop, they informed Zellis, the UK payroll provider that was breached, that they do not have the data in question. They emphasized that their group has never deceived anyone and if they say they don’t have the information.

However, Clop has added the names, websites, and company addresses of nearly 50 victims to their darknet website, including U.S.-based financial services organizations 1st Source and First National Bankers Bank; Boston-based investment management firm Putnam Investments; the Netherlands-based Landal Greenparks; financial software provider Datasite; educational non-profit National Student Clearinghouse; student health insurance provider United Healthcare Student Resources; American manufacturer Leggett & Platt; Swiss insurance company ÖKK; and the U.K.-based energy giant Shell.

Some of the companies listed by Clop on their so-called “leak site” have separately confirmed that they have had data stolen, while Zellis has refrained from commenting due to ongoing investigations.

The sources for this piece include an article in BBC.