WASHINGTON D.C. (KPEL News) - The U.S. government's agency for combatting cyberattacks has acknowledged a major cybersecurity breach affecting multiple government agencies.

The US Cybersecurity and Infrastructure Security Agency is working on addressing the issue, which is related to a global cyberattack that hit agencies in other countries, like the U.K., according to a report from CNN.

The US Cybersecurity and Infrastructure Security Agency “is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications,” Eric Goldstein, the agency’s executive assistant director for cybersecurity, said in a statement on Thursday to CNN, referring to the software impacted. “We are working urgently to understand impacts and ensure timely remediation.”

It was not immediately clear if the hackers responsible for breaching the federal agencies were a Russian-speaking ransomware group that has claimed credit for numerous other victims in the hacking campaign.

A CISA spokesperson had no comment when CNN asked who carried out the hack of federal agencies and how many have been affected.

The hacking campaign has been going on for weeks, according to the report, with various agencies and even university systems having been hit.

Johns Hopkins University in Baltimore and the university’s renowned health system said in a statement this week that “sensitive personal and financial information,” including health billing records may have been stolen in the hack.

Meanwhile, Georgia’s state-wide university system – which spans the 40,000-student University of Georgia along with over a dozen other state colleges and universities – confirmed it was investigating the “scope and severity” of the hack.

The cyberattack stems from a software exploit found in software used by several government agencies.

The Russian-speaking hacking group known as CLOP – a well-known group whose "favored malware emerged in 2019," according to reports – began exploiting a new flaw in a widely used file-transfer software known as MOVEit back in May. They used that flaw to target as many organizations and agencies as they could.

Computer hacker stealing data from a laptop
Credit: iStockphoto, Getty Images

Such a massive attack leaves these agencies and the people who work at them vulnerable to blackmail and extortion, experts have warned. Last week, the group claimed credit for some of the hacks seen around the world, which have affected employees of the BBC, British Airways, Shell, and state governments throughout the U.S.

Progress, the U.S. firm that owns the MOVEit software, has also urged victims to update their software.

12 Shrewd Email Tactics Hackers Use To Rip You Off

Computer hackers are working full-time nowadays --not only to hold major corporations hostage with ransomware -but they're also hard at work trying to gain access to private computers and personal information of unsuspecting victims. Surrendering access to these schemers could have disastrous consequences, but sometimes it can be difficult to tell what's legitimate and what's not. That's why I'm sharing 12 emails I've personally received that appear to be as bogus as a three-dollar bill.

No doubt, you have received very similar emails in your inbox and wondered if they were legit. A good rule of thumb to follow is when you receive an email from an unverified source - do not, under any circumstance click on anything in the email or download any attachments. That is exactly how hackers can gain instant access to your computer and your information.