Barrick Gold targeted by Russian cybercriminal group Clop in global data theft that hit Sun Life, Vancouver transit police – by Niall McGee (Globe and Mail – July 20, 2023)

Canada’s biggest gold company has been targeted by shadowy Russian cybercriminal group Clop in a massive global data theft incident that has affected hundreds of corporations and close to 20 million individuals.

Barrick Gold Corp. is one of a growing tally of at least 376 organizations publicized by Clop in an attack that has seen confidential data stolen from financial firms and health care providers, as well as U.S. government agencies and Canadian municipalities.

Active since at least 2020, Clop traditionally used software to encrypt files of a company or an individual and then demanded ransom so the information could once again be deciphered. But the latest incident involved a mass data theft that occurred in late May at third-party file sharing system MOVEit, owing to a “zero-day” vulnerability in its software – a flaw for which MOVEit had no fix at the time.

MOVEit is owned by Massachusetts-based Progress Software Corp., and its software is used by thousands of corporations for sending and receiving documents. Progress has said it has since fixed the vulnerabilities in its system that allowed the hack.

For the rest of this article: