Shell Oil Company the Latest Hit By MOVEit Data Breach
Table of Contents
- By Steven
- Published: Jul 14, 2023
- Last Updated: Nov 23, 2023
Shell is one of the largest oil and gas companies in the world today. The organization is based in London, England, and has branches in many countries throughout the world, including the United States. Shell has an estimated annual revenue of $381.3 billion USD and employs approximately 86,000 people. The company was recently added to the list of victims of the large-scale MOVEit data breach. Details are still fuzzy, but it appears that many individuals could be compromised.
How Did the Attack Occur?
Earlier this year, Shell was involved in the C10p ransomware attack that affected so many other companies. The Russian-linked gang of hackers discovered and exploited a zero-day vulnerability in the MOVEit secure file transfer service. This exploit has allowed the hackers to take data from more than 130 separate companies, and Shell is now on the list of affected organizations.
What Information Was Viewed or Stolen?
We weren't given specific details about what information was taken from Shell due to this data breach. We suspect that some personal and commercial data was stolen during the attack, but anyone connected with the company will have to wait for an official report to come out or individual notices before they know what data was actually taken. If you believe your information was taken in connection with Shell, you should watch over your accounts and credit and prepare to reach out to companies to protect yourself if fraudulent accounts open in your name.
How Did Shell Admit to the Breach?
Shell made a short statement last week confirming that it had been hit by the C10p ransomware attack in connection with the MOVEit file-sharing tool. The statement does not specify what data was taken, nor does it say specifically when the company lost the data. It only confirms that Shell was hit. Sources say that Shell did not agree to pay the ransom, so any information taken by the gang of hackers is lost for good and will likely end up online.
What Will Become of the Stolen Information?
We don't know what data was taken in this attack, but we have a good idea about what the information will be used for. The stolen data will be posted online by the ransomware gang and will likely be exploited, shared, sold, and used to generate a profit for the hackers in any way possible. If your data was involved in the Shell breach, you could suffer from hacker attacks in the near future. We have no way of knowing if any personal data was included in this breach, but we suspect that future issues will result from the attack if extreme care isn't taken to handle the situation.
What Should Affected Parties Do in the Aftermath of the Breach?
If you believe your data was taken during the Shell breach or in connection with any of the MOVEit file breach attacks, you should take steps to guard yourself immediately. Begin by investing in a credit monitoring service and pulling all of your most recent credit reports. Use the data you obtain from the reports to learn if you have any odd changes, including new credit cards or accounts in your name. If you detect anything strange, reach out to the companies providing you with the accounts and tell them the accounts are fraudulent and that you were attacked.
