Embattled PwC caught up in Russian cyberattack

Save articles for later

Add articles to your saved list and come back to them any time.

PwC Australia has joined a growing list of companies caught up in the latest cyberattack carried out by a notorious Russian hacker group.

Cybercrime group CL0P, which is well known for its ransomware demands, has accessed sensitive data from dozens of well-known companies and organisations after exploiting a flaw in MOVEit, a third-party software platform used by organisations to transfer sensitive data between different parties.

PwC says its own network has not been penetrated as a result of the attack on third-party platform, MOVEit. Credit: Bloomberg

Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed the attack, which had affected a number of state and federal government departments in the United States.

Meanwhile, a host of organisations in Britain, including the BBC, energy group Shell and British Airways, have also been caught up in the hack.

PwC’s involvement was first reported by The Australian Financial Review, and on Monday the company confirmed that it used MOVEit software to transfer select information.

“We are aware that MOVEit, a third-party transfer platform, has experienced a cybersecurity incident which has impacted hundreds of organisations including PwC. PwC uses the software with a limited number of client engagements,” a PwC Australia spokesman said.

“As soon as we learned of this incident we stopped using the platform and started our own investigation.”

PwC said its initial investigations had shown that the company’s internal IT network had not been compromised, with the cyberattack on MOVEit having a limited impact on PwC.

“We have reached out to the small number of clients whose files were impacted to discuss the incident,” the PwC spokesman said.

Australia’s Crown Resorts was embroiled in a similar cyber incident in March, when another third-party file transfer service, GoAnywhere, was hacked.

In that case, a ransomware group contacted Crown and claimed they had illegally obtained a limited number of Crown files. Crown said at the time that no customer data had been compromised, and its business operations had not been affected.

In an update in April, the company confirmed that a small number of files had been released on the dark web, including employee time and attendance records and some membership numbers from Crown Sydney.

“We can confirm that no personal information of customers has been compromised as part of this breach,” Crown said in the update.

PwC is reeling from the impact of a tax scandal that was triggered when one of its partners was banned from tax practice in January for releasing confidential information on government plans to combat tax avoidance.

The information was shared with more than 60 partners and staff and marketed to companies potentially targeted by the tax plans.

Ten partners have stood down or resigned over the matter, and the firm has effectively been banned from further work with the government.

The Market Recap newsletter is a wrap of the day’s trading. Get it each weekday afternoon.

Most Viewed in Business

From our partners

Source: Read Full Article