Clop Ransomware Group Claims TomTom

Estimated read time 2 min read

Leading navigation technology company TomTom has become the latest victim of the notorious Clop ransomware group, as cybercriminals exploited a vulnerability in the MOVEit Transfer application to steal company data. This attack raises the total number of affected organizations to 261, with nearly 18 million individuals’ data compromised, according to security researcher Brett Callow.

Data Breach via MOVEit Transfer Zero-Day Exploit

MOVEit Transfer, a popular file exchange application used by numerous organizations to share confidential internal data, has been the gateway for this breach. In late May, the Clop group leveraged a zero-day exploit within MOVEit Transfer to steal vast databases filled with personal data. The perpetrators have threatened to publish the pilfered data on their own website unless a ransom is paid.

Brett Callow on the TomTom breach
Brett Callow on the TomTom breach

The Clop group routinely discloses the names of new victims on their website. TomTom was one of the companies revealed recently. A spokesperson for TomTom confirmed the company’s victim status to the ANP news agency but claimed that no data was taken that could have a “negative material impact on TomTom or its customers.” The type of data stolen has not been revealed by the spokesperson.

Clop Group Claims to Hold 82GB of Stolen Data

While the company remains tight-lipped about the specifics of the data stolen, the criminal group purports to have acquired 82 gigabytes of information. TomTom informed TechCrunch that they detected the data leak last month. Regulatory authorities have been alerted about the breach, as the investigation continues.

Reza Rafati

Reza Rafati, based in the Netherlands, is the founder of An industry professional providing insightful commentary on infosec, cybercrime, cyberwar, and threat intelligence, Reza dedicates his work to bolster digital defenses and promote cyber awareness.

You May Also Like

More From Author