Cyber Security Threat Summary:
A cyberattack on MOVEit file-transfer servers since late May has affected over 637 organizations. German cybersecurity company KonBriefing reported this number. It includes groups directly hacked through their MOVEit servers and others connected to users of Progress Software's file-transfer tool. The Clop ransomware group, thought to be Russian, is behind the attacks. They've taken data with personal details of about 41 million people. Emsisoft, a security firm, shared this info. More individuals might be affected as investigations continue. One victim is Missouri's Department of Social Services (DSS). They found out Medicaid user info could be taken from IBM's MOVEit server. The DSS is still looking into it and will notify and help those affected. The stolen info covers names, client numbers, birthdates, benefit status, coverage, and medical claims.
Security Officer Comments:
Multiple organizations fell victim to the MOVEit attacks not directly but due to their use of service providers. In addition to Missouri's DSS, they include National Student Clearinghouse, which works with more than 3,500 colleges and universities in the U.S. and which has data on 17.1 million current postsecondary students. Another widely used service provider and MOVEit user is PBI Research Services, which helps financial services firms comply with regulatory requirements, including identifying policyholders who are deceased as well as their beneficiaries. In June, Clop began posting to its data leak site the names of victims who declined to pay a ransom. The group has also been leaking data it stole from some organizations, although it claims to have deleted any information it stole from government entities.
Top 10 Organizations With Most Victims
- Maximus Inc. - 8 million to 11 million
- Louisiana's Office of Motor Vehicles - 4.6 million to 6 million
- Oregon Driver & Motor Vehicle Services - 3.5 million
- Teachers Insurance and Annuity Association of America - 2.63 million
- Genworth - 2.5 million to 2.7 million
- Performance Health Technology - 1.7 million
- Wilton Reassurance Co. - 1.48 million
- Milliman Solutions LLC - 1.28 million
- Allegheny County - 967,690
- F&G Annuities & Life/Fidelity & Guaranty Life Insurance Co. - 873,000
After a breach, keeping an eye on your personal info (like your name, birthdate, and finances) is crucial. It stops bad guys from using your info for scams and theft. If you think your info was part of the breach, watch your accounts for strange stuff. This helps you stay safe.