Cyber Incident Victim: Enzo Biochem
Date: May 2023
Location: United States of America
Summary
A New York-based biotechnology firm, Enzo Biochem, was listed among victims compromised by the Russia-linked Clop ransomware gang exploiting a vulnerability in the MOVEit Transfer file-sharing tool. The attackers claimed access to multiple organizations, including federal agencies and private entities, though specific impacts on the biotech company were not disclosed; the breach exposed personally identifiable information at other affected entities, prompting urgent remediation efforts by U.S. cybersecurity authorities.
Description
The MOVEit Transfer file-sharing software vulnerability, exploited by the Russia-linked Clop ransomware gang, led to confirmed breaches at multiple U.S. federal agencies in late May 2023. The Cybersecurity and Infrastructure Security Agency (CISA) acknowledged intrusions affecting "several" agencies but did not disclose specific names or quantities. The Department of Energy confirmed two compromised entities—Oak Ridge Associated Universities and the Waste Isolation Pilot Plant—exposing personally identifiable information of employees and contractors. CISA Director Jen Easterly characterized the attacks as opportunistic, with no evidence of data theft targeting high-value information or persistent system access. Federal agencies with active MOVEit contracts included the Department of the Army, Department of the Air Force, and Food and Drug Administration. Progress Software, MOVEit's developer, issued patches for the original vulnerability and a subsequent flaw (CVE-2023-35708) that risked unauthorized access.

Clop claimed on its dark web leak site to have erased government data and listed new victims on June 16, 2023, including Enzo Biochem, a New York-based biotechnology company. Other listed entities included the Boston Globe, East West Bank, and Microsoft-owned Nuance. Enzo Biochem’s spokesperson Lynn Granito declined to comment when contacted by TechCrunch. Clop had previously named Shell, 1st Source, and First National Bankers Bank as victims. Despite Clop’s claims, Easterly stated no U.S. government agency data was threatened with extortion or public release. The Department of Energy notified Congress, law enforcement, and CISA, initiating investigations and mitigation efforts for its breached entities. No technical details regarding Enzo Biochem’s specific compromise, data exfiltration scope, or remediation actions were disclosed in available reports.
