
PwC targeted by notorious Russian cyber criminals in daring cyber attack


PwC, one of Australia’s leading accounting firms, has been hit by a severe blow as it falls victim to a cyber security breach orchestrated by a notorious Russian criminal syndicate. This incident comes at a time when PwC has already been grappling with a tax scandal, further adding to the challenges faced by the embattled company. The breach occurred through a third-party software called MOVEit, which was exploited by the cyber crime syndicate to gain unauthorized access to sensitive client data.

The Attack
Late on Monday, it was reported that PwC had fallen prey to a cyber security breach, with the Russian hacker group known as Cl0p being identified as the culprits. Cl0p, infamous for its previous ransom demands, successfully targeted PwC through the vulnerability found in MOVEit, the software used by the accounting firm to transfer confidential information. Unfortunately, PwC is not the sole victim of this cyber attack, as other companies, including Medibank and rival accounting firm EY, have also suffered breaches due to the vulnerability present in MOVEit.

The Extent of the Damage
The impact of the cyber attack extends beyond Australian borders, as US authorities confirmed that numerous American businesses had also been compromised. Prominent organizations such as British Airways, the BBC, and several US government agencies have fallen victim to Cl0p’s ransom demands. Of particular concern is the case of the US state of Louisiana, where the personal information of every current driver’s license holder, identification cardholder, and car registration holder has been stolen. Cl0p has threatened to expose the targeted companies and leak the stolen data on the dark web if their ransom demands are not met within seven days.

PwC’s Response
PwC has taken immediate action to address the breach and minimize the damage caused. The company stated that the hack has affected only a limited number of clients and that they have ceased using MOVEit for information dissemination. Upon discovering the incident, PwC initiated an internal investigation and promptly notified affected clients about the breach. Additionally, PwC reached out to the vendor responsible for MOVEit to address the cybersecurity incident and obtain further assistance.

Impact on Other Organizations
EY, another prominent accounting firm, has also been affected by the breach, although it remains uncertain whether any data has been compromised. EY discovered a critical vulnerability in MOVEit at the end of May and has since been conducting a thorough investigation into its use of the software. While most of their systems appear to be secure, EY is manually examining systems that may have been accessed to ensure the safety of sensitive data. Medibank, a health insurer, is cautiously optimistic that its customers’ data has not been compromised and is working closely with the vendor to investigate the situation further.

Previous Cyber Attacks in Australia
The recent cyber attack on PwC adds to a growing list of high-profile breaches in Australia. Just this month, law firm HWL Ebsworth experienced a data breach that compromised information related to hundreds of clients over a five-year period. Financial firm Latitude also suffered a hack, resulting in the theft of passport numbers, driver’s licenses, and/or Medicare numbers belonging to 333,000 customers. Previous incidents involving Medibank and Optus have further highlighted the vulnerability of customer data, emphasizing the urgent need for robust cybersecurity measures in various sectors.

PwC’s Ongoing Challenges
In addition to the cyber attack, PwC has been facing difficulties in recent weeks due to a controversial tax scheme. The company’s former head of international tax, Peter Collins, was found to have leaked a confidential government briefing on combating tax avoidance to clients and partners. As a consequence, Mr. Collins has been banned from acting as a tax practitioner, and the scandal has been referred to the Australian Federal Police for a criminal investigation. Furthermore, PwC Australia’s chief executive, Tom Seymour, has resigned after his involvement in receiving emails containing confidential Treasury information from Mr. Collins came to light.

Moving Forward
As PwC, along with other affected companies, continues to investigate the breach and work toward strengthening their cybersecurity measures, this incident serves as a stark reminder of the ever-present threat posed by cyber criminals. With organizations across various industries falling prey to sophisticated attacks, it is imperative for businesses to remain vigilant and prioritize the protection of sensitive data through robust security protocols and regular audits of their systems.
