Photo: Bloomberg
The U.S. Cybersecurity and Infrastructure Security Agency said several government agencies were victimized by a global cyber attack. According to CNN, the attacks began two weeks ago and targeted several colleges and state government agencies by exploiting a software vulnerability in MOVEit, a widely-used file transfer system.
"We are working urgently to understand impacts and ensure timely remediation," Eric Goldstein, the agency's executive assistant director for cybersecurity, told CNN.
According to Reuters, the hacking group Cl0p has taken credit for the cyberattack. The group promised it would not exploit any data it gathered from government agencies.
"If you are a government, city or police service do not worry, we erased all your data," the group wrote in all caps on its website.
The CISA did not say which agencies were targeted in the attack. The Transportation Security Administration and the State Department told CNN they were not victimized by the hackers.
A spokesperson for MOVEit told Forbes that it has rolled out security patches to fix the vulnerabilities. The company said it is cooperating with the investigation and is "committed to playing a leading and collaborative role in the industry-wide effort to combat increasingly sophisticated and persistent cybercriminals."