The new list of victims includes CGI Group Inc., Tieto Oyj, and IBM Corp.
The U.S. government believes APT10 stole personal records for 100,000 U.S Navy personnel.
The infamous ‘Cloud Hopper’ hack which was previously reported to have infected a bunch of 14 large companies, is massive and believed to be underway.
What does the new report reveal?
An investigation by the Wall Street Journal has revealed that there are at least a dozen new cloud provider companies affected by the campaign carried out by the China-based APT10 group. This new list of victims includes CGI Group Inc., Tieto Oyj, and IBM Corp.
The Journal notes that Hewlett Packard Enterprise Co. had missed the hackers re-entering their clients’ networks, even after the company had given customers the all-clear.
US Navy records also stolen
Among the new findings, the journal also reports that the U.S. government believes APT10 stole personal records for 100,000 U.S. Navy personnel.
Wall Street Journal highlights the issue stems due to the reluctance of many MSPs to fully disclose to their clients if they have been affected. This has forced the Department of Homeland Security (DHS) to revise federal contracts with cloud companies.
The vicious cycle continues
The Cloud Hopper hack was first identified in 2016 and Rio Tinto, a company whose operations include copper, diamonds, iron ore and uranium, was among the earliest targets. The firm was breached through cloud provider CGI as far back as 2013.
However, upon discovery of the hack, Reuters reported that IBM along with Fujitsu, Tata Consulting Services, NTT Data, Dimension Data, Computer Sciences Corp. and DXC Technology had emerged victims of the AP ..
Support the originator by clicking the read the rest link below.
