The Clop ransomware gang has continued to take advantage of the Accellion FTA vulnerability to extort Accellion’s clients by threatening to leak the data they stole. Thus far, the group has already managed to target supermarket giant Kroger, the Reserve Bank of New Zealand, the Australian Securities and Investments Commission (ASIC), Singtel, QIMR Berghofer Medical Research Institute, the Office of the Washington State Auditor (SAO), and the energy company Shell. This week, the group has released screenshots of sample data belonging to the University of Colorado and the University of Miami. The University of Colorado announced that they suffered a breach in February but did not know the severity. Clop has since posted screenshots of information such as university financial documents, student grades, academic records, enrollment information, and student biographical information. As for the University of Miami, it seems as if they’ve had information pertaining to the university’s health system published, including medical records, demographic reports, Social Security Numbers (SSNs), and a spreadsheet with email addresses and phone numbers. Although only a limited amount of data has been posted thus far, it is likely Clop will continue to post more screenshots in an effort to force the universities to pay their extortion demands.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in