<\/p>\n
\n Millions of people in Louisiana and Oregon have had their data compromised in the cyber attack that has also hit the US federal government, state agencies said late Thursday.\n <\/p>\n \n The breach has affected 3.5 million Oregonians with driver’s licenses or state identification cards, and anyone with such documentation in Louisiana, authorities said. Casey Tingle, a senior official in the Louisiana governor’s office, said Friday that more than 6 million records were compromised, though he noted that number is more than double because some people have vehicle registrations and driver’s licenses.\n <\/p>\n \n The states did not blame anyone in particular for the hack, but federal officials have attributed a broader hacking campaign using the same vulnerability to a Russian ransomware gang.\n <\/p>\n \n Hackers exploited a flaw in popular file transfer software known as MOVEit made by Massachusetts-based Progress Software.\n <\/p>\n \n Hundreds of organizations around the world have likely seen their data exposed after hackers used the flaw to break into networks in recent weeks. Several US federal agencies, including the Department of Energy, were breached, CNN first reported on Thursday. The US Office of Personnel Management was also affected by the hack, multiple sources told CNN on Friday, but none of the federal agencies’ breaches so far have been considered serious.\n <\/p>\n \n US officials have described the cyber attack as an opportunistic and financially motivated hack that did not cause disruption to agency services.\n <\/p>\n \n The list of confirmed victims grew late Friday after multinational consulting giant Aon told CNN that hackers accessed files related to a “select number of our customers” in the MOVEit breach. Other major corporations, including the BBC and British Airways, and universities such as the University of Georgia, have also been affected by the breach.\n <\/p>\n \n The data exposed in the breach of the Oregon and Louisiana Departments of Motor Vehicles may include Social Security numbers and driver’s license numbers, prompting state authorities to advise their residents how they can protect themselves from fraud of identity\n <\/p>\n \n There is no sign that the hackers have sold or published data stolen from the Louisiana Bureau of Motor Vehicles, and the hackers have not contacted the state government, the office said from Louisiana Governor John Bel Edwards in a statement.\n <\/p>\n \n Heading into the weekend, U.S. officials and business executives across the country continue to look for clues about stolen data and to try to prevent hackers from extorting victims.\n <\/p>\n \n \u201cWe cannot rely only on technical and security data related to vulnerable people [software installations, but also business relationships \u2013 contracts, for example \u2013 to really understand how bad this is, and how bad it\u2019s going to get,\u201d Munish Walther-Puri, senior director of critical infrastructure at consultancy Exiger, told CNN.\n <\/p>\n \n US cybersecurity officials have ordered federal agencies to apply updates from Progress Software, but the recovery process was complicated on Thursday by the discovery of a fresh vulnerability in the software that the company is racing to fix.\n <\/p>\n \n Clop, the Russian-speaking hackers that claimed credit, are known to demand multimillion-dollar ransoms, though US and state governments say they have not received any demands. The hackers appear to be focusing their extortion on companies that may pay, adding alleged victims to their dark-web site to pressure them.\n <\/p>\n \n The OPM is one of multiple federal agencies impacted by\u00a0the sweeping hack, current and former US officials familiar with the matter told CNN Friday.\n <\/p>\n \n Officials are still investigating what data in OPM\u2019s custody may be affected.\u00a0The agency is in charge of human resources, retirement and other services for the vast federal bureaucracy.\n <\/p>\n \n A spokesperson for the agency had no comment when reached by CNN on Friday evening.\n <\/p>\n \n The Biden administration has \u201cfocused on rapid response to cyber incidents,\u201d National Security Council spokesperson Adam Hodge said in a statement this week. He pointed to a recent public advisory from federal agencies \u201cto help affected companies and government agencies rapidly find compromises and fix them.\u201d \u00a0\n <\/p>\n \n One person with direct knowledge of negotiations between Clop and its victims said the hackers had in one case asked for more than $100 million from one corporate victim \u2014 an audacious number that was a nonstarter.\n <\/p>\n \n The hackers are being \u201cextremely aggressive\u201d in negotiations to try to extort victims, said the source, who spoke on the condition of anonymity because they were not authorized to speak to the press.\n <\/p>\n \n \u201cSeveral hundred\u201d companies and organizations in the US could be affected by the hacking spree, a senior US official told reporters on Thursday. It\u2019s another test of the US government\u2019s ability to respond to a cyber incident that could take months to fully understand.\n <\/p>\n \n But after a spike in ransomware attacks in 2021, preparation for potential Russian cyberattacks around the Kremlin\u2019s full-scale invasion of Ukraine and other serious cyber threats, the FBI and US Cybersecurity and Infrastructure Security Agency \u201care in a pretty good place to handle an influx of notifications and provide assistance,\u201d said Jeff Greene, who was a senior cyber official at the National Security Council until last year.\n <\/p>\n \n \u201cI watched firsthand as [those agencies] it got better and better” at responding to threats, Greene, who is now senior director of the Cybersecurity Program at the Aspen Institute, told CNN.\n <\/p>\n \n This story has been updated with additional news.\n <\/p>\n
\n CNN<\/span>
\n \u2014 <\/p>\n