The victim is a leading energy technology firm headquartered in Munich. The company has a vast global footprint, with 91,000 employees and an annual turnover of $35 billion. It specializes in the design, development, and production of various industrial goods, from industrial control systems to advanced power units, renewable energy solutions, and comprehensive energy delivery mechanisms. Moreover, they offer cybersecurity consultation services tailored to the oil and gas sector, encompassing areas like incident response, vulnerability evaluations, and patch management.
According to sources, the victim has acknowledged a breach resulting from the Cl0p ransomware's data-theft assaults that took advantage of a zero-day flaw in the MOVEit Transfer platform. The Cl0p threat group subsequently listed the victim on its data leak website, signifying that they had successfully extracted data during the cyber intrusion. This listing tactic is a part of Cl0p's strategy to exert pressure on their victims, typically preceding an actual leak of the stolen data. While there hasn't been a data leak as of now, the victim confirmed the breach linked to the MOVEit Transfer vulnerability, designated as CVE-2023-34362.
The victim emphasized that the breach did not lead to the compromise of any critical data, and their business operations remain unaffected.