Clorox needs to do some cleanup as some of its IT systems remain offline and operations are “temporarily impaired” after a security breach.
In Monday’s filing with the SEC, the US financial watchdog, the major cleaning company revealed “fraudulent activity” within its network.
The intrusion continues to disrupt “some of the company’s operations,” and the company “is diligently responding and addressing this issue, and is working with law enforcement.” Form 8-K Submit.
The manufacturer also hired a third-party cybersecurity firm to investigate the disruption and help clean up IT.
Clorox, whose brands include Glad, Tilex, Pine-Sol, Liquid-Plumr, and several other home and personal care products, declined to respond. registera specific question about bleaching Breach, including whether the intruder took the stolen data.
Instead, a spokesperson emailed us a statement essentially repeating the SEC report in describing “recently identified anomalous activity.”
The statement continued:
We don’t know when the break-in happened or how long it took Clorox to discover the hack, but expect to learn more in the near future.
A Clorox spokesperson said, “The investigation into the nature and scope of the incident is ongoing and is at a very early stage.” “Our team is working diligently to restore our systems safely and quickly, and we will ensure that all our suppliers and customers are properly updated.” ®
IBM Attacks in MOVEit Hall, 4 Million Patient Data at Risk
In other security breach news, the Colorado Department of Health Policy and Finance (HCPF) reported that more than 4 million people, mostly patients in low-income health care programs, had their data stolen by the Clop ransomware gang. I was informed of the possibility.
The department, which administers Medicaid and other health care programs in US states, is one of the departments most recently caught in the massive MOVEit looting. However, HCPF did not use the Progress Software File Transfer Tool directly. It turns out that IBM was using his MOVEit, IBM has a technology contract with the state of Colorado, a third party of his vendor. It turns out he got the HCPF data.
According to the infringement notice, “HCPF or Colorado systems were not affected by this issue.” [PDF] from the department
Still, it probably won’t be too comforting for them 4,091,794 Health First Colorado and Child Health Plan Plus (CHP+) members’ names, social security numbers, medical information, health insurance information, and other information may have been accessed by ransomware gangs.
PS: US Congressman Don Bacon (Republican-Nebraska) Said The Chinese Snoop, who hacked into Microsoft’s email cloud to access US government messages, also hacked into his personal and political inboxes.
“I would like to thank the FBI for letting me know that the Chinese Communist Party hacked my personal and campaign emails between May 15th and June 16th of this year,” he said.