As seen by Hackread.com, the Cl0p ransomware gang has leaked partial SPO data including names, email addresses, passport scans, and more.
Swire Pacific Offshore (SPO) has confirmed becoming a victim of a targeted cyberattack by the Cl0p ransomware gang. The company claims that personal information and classified proprietary commercial information might be exposed.
For your information, SPO is Swire conglomerate’s marine services division.
About the Attack
The company didn’t share details of the attack, but it is speculated that the Cl0p ransomware gang targeted it with ransomware because the gang has updated its blog, flaunting that it has successfully breached SPO’s systems.
According to SPO, the attack didn’t impact its global operations as it took immediate action to reinforce already implemented security measures.
The company further noted that it takes cyber attacks and illegal data access seriously and will not be threatened by such unlawful actions to compromise the privacy/confidentiality of data.
At the time of publishing this article, the company’s official website was down for maintenance.
In a statement, SPO’s representative stated that:
“SPO has reported the incident to the relevant authorities and will work closely with them in relation to the incident. SPO is contacting potentially affected parties to inform them about the incident.”
Who Got Affected The Most?
The most impacted employees are the ones based in Malaysia and Singapore. However, there are records of employees from the UK, the Philippines, and China.
The group has shared details of the stolen data as well, which included:
- Full names
- location data
- Passport scans
- Banking details
- Phone numbers
- Email addresses
- Company names
- Payment advice
- Personal folders
- Mailbox backups
Screenshot from the leaked data (Image: Hackread.com)
Cl0p’s Previous Victims
Cl0p is a highly sophisticated ransomware group. They have launched several high-profile attacks this year. In Feb 2021, they targeted Donald Trump’s former law firm Jones Day and leaked the company’s stolen data online. The law firm initially denied the breach but later confirmed it.
It is also behind the Accellion File Transfer Application’s attack that lasted for months and was connected to the Jones Day attack and impacted corporate clients’ data of Morgan Stanley bank.
Other notable Cl0p victims include Qualys, Bombardier, ExecuPharm, and 6 top universities in the United States including Yeshiva University, Stanford University, The University of Miami, The University of Maryland, The University of Colorado Boulder, and The University of California, Merced.
