Generic filters
Exact matches only
Search in title
Search in content
Filter by Custom Post Type
Posts
Filter by Categories







Massive MOVEit Data Breach: Millions of IDs Exposed

What Happened

The Cl0p ransomware targeted the MOVEit Transfer in Louisiana and Oregon, leading to a significant MOVEit data breach. The attacks began on May 27th, and resulted in the exposure of stored data such as personal ID cards. This data breach by Cl0p, utilizing a zero-day vulnerability, affected millions of personal identification cards.

Who Was Affected

The MOVEit data breach affected both the Louisiana Office of Motor Vehicles (OMV) and the Oregon Driver & Motor Vehicle Services.

In Louisiana, it is believed that all individuals with a state-issued driver’s license, ID, or car registration had their personal information exposed.

Similarly, in Oregon, approximately 3.5 million residents with an ID or driver’s license were impacted.

Response and Precautions

Although there is no evidence that the stolen data has been used, authorities advise affected individuals to take precautions.

This includes protecting their identity, resetting passwords, placing a credit freeze on bank accounts, and reporting any suspicious activities.

As the authorities cannot identify specific victims, all citizens should assume their personal data was exposed and remain vigilant against potential targeted phishing attacks.

Additional Information

Beyond Louisiana and Oregon, various other organizations have disclosed data breaches related to the MOVEit Transfer software. These include US federal agencies, Zellis (BBC, Boots, and Aer Lingus), the University of Rochester, and several US state agencies. While the stolen data has not yet been leaked, there is uncertainty regarding whether the Cl0p ransomware gang will delete it as promised. Therefore, affected individuals should continue to monitor credit reports for identity theft. Also, they should be cautious of potential threats such as targeted phishing attacks.

RECENT BLOG POSTS

PODCASTS

Cubic Lighthouse is a cybersecurity publication dedicated to demystifying security, making news actionable, providing deeper thinking about the fundamentals of security, and providing decision-makers and the community at large with the right information to make the right decisions. We will also feature more technical articles and provide personal/family security advice.

©2024 Cubic Consulting, a Smart Security Company for your Business – All Rights Reserved.