TJ Maxx parent company named in MOVEit hack

TJX, the American multinational corporation of discount brand department stores, confirmed to Cybernews that it has joined the hundreds of victims impacted by the MOVEit ransom attack spree.

The parent company of thousands of apparel and home goods stores across the US, Canada, Europe, and Australia was named on the Cl0p ransomware group’s dark leak site Monday.

At the time of this report, the Massachusetts-based TJX was no longer is listed on the Cl0p site, but reappeared on the leak site the following day.

Still, Andrew Mastrangelo, Assistant Vice President of Global Communication, replied to Cybernews with a statement regarding the MOVEit attacks.

“TJX is among a number of companies impacted by a widespread global cybersecurity event related to a vulnerability in Progress Software’s file transfer software MOVEit Transfer,” the statement said.

“Although some files appear to have been downloaded by an unauthorized third party before Progress notified us of the vulnerability… based on current information, we do not believe there was any unauthorized access to any customer or Associate personal information on TJX’s systems or any material impact to TJX,” it said.

“We take protecting the data of our customers, Associates, and vendors seriously and we are monitoring the situation closely,” TJX said.

TJX and TJX Canada’s off-price department stores include TJ Maxx, Marshalls, Homegoods, HomeSense, Sierra, and Winners.

List of MOVEit victims continues to grow

The Moveit Transfer system – distributed by the American software company Progress – is used by thousands of companies globally to securely send and receive files.

Experts we’ve spoken to say that around 3,000 deployments of the MOVEit application were active when the vulnerability was first discovered.

The Russian affiliated Cl0p gang began to leak the names of victims affected by the MOVEit attacks back on June 14th.

Shell Global happened to be the first named out of more than 150 companies listed on the Cl0p leak site, with more expected in the coming weeks, if not months.

TomTom, Pioneer Electronics, Autozone were the last batch of victims to be named on Friday.

Nearly a month later, in a “who's who” of victims, Shutterfly, Warner Bros Discovery, AMC Theatres, Honeywell, Choice Hotels’ Radisson Americas chain, and Crowe accounting advisory firm have all confirmed a breach of customer data.

Cybernews has also confirmed ING Bank, as well as three other major European banks – Deutsche Bank, Postbank, and Comdirect – were impacted in the MOVEit attacks last week through a common third-party vendor, Majorel.

Earlier MOVEit victims include PWC, Ernst & Young (EY), Sony, Siemens Energy, the NYC Department of Education.

Several US federal agencies, including the Departments of Energy and Health, were also impacted, prompting the FBI to issue a $10 Million dollar bounty on the Cl0p gang.

The ransom gang also made headlines in March, claiming responsibility for another zero-day attack exploiting the similar Go Fortra Anywhere file management system, affecting 120 victims, including Shell (again), Procter & Gamble, Hitachi, Rubrik, and Virgin.

The number of MOVEit victims is thought to be at least double that of the Go Anywhere hacks.

More from Cybernews

How popular AI apps are invading your privacy

Three different types of artificial intelligence, explained

Original iPhone auctioned for over $190,000

Johnny Cash sings ‘Barbie Girl’ in AI cover

Twitter starts sharing ad revenue with creators: how long will it last?

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked