Skip to main content

Cyber gang behind N.S. breach says it erased stolen data, but experts urge caution

Share
HALIFAX -

The ransomware group behind an attack on a file-sharing service that resulted in the theft of personal data from as many as 100,000 Nova Scotians claims it has deleted the stolen information.

A note on the Clop ransomware gang's dark website says it "erased" all the data it stole from governments, cities and police services when it recently hacked the MOVEit file transfer software.

It says, however, that private companies affected by the hack should contact the group by June 14 to discuss a ransom.

Brett Callow, a threat analyst with New Zealand cybersecurity company Emsisoft, says the group's claim to have deleted data belonging to public sector bodies should be assumed to be false.

Callow says in an email today that there is no reason for a criminal enterprise to delete information that may be of value, adding that it could be sold, traded or used for phishing scams.

The Nova Scotia government revealed Tuesday that up to 100,000 past and present public sector workers may have had sensitive personal information stolen in the MOVEit software hack, which affected companies around the globe.

A spokesperson for the provincial Department of Cybersecurity and Digital Solutions says the province will not be communicating with the Clop gang.

"This is a criminal organization," Khalehla Perrault said in an email, adding that it is not trustworthy.

She says anyone who feels they may be affected should monitor their financial transactions and contact their bank to report suspicious activity. The provincial government says it will contact residents whose data was stolen once they are identified.

This report by The Canadian Press was first published June 7, 2023.

For more Nova Scotia news visit our dedicated provincial page

CTVNews.ca Top Stories

Stay Connected