Executive Summary
Last week, a report by cybersecurity firm Sophos and VPN service provider AtlastVPN revealed that education was the most targeted sector in ransomware attacks.
Educational institutions, particularly in the US, have become prime targets for cyberattacks, with 70 to 80% experiencing ransomware attacks in 2022.
The MOVEit hack, affecting nearly 900 US schools, underscores the vulnerability of educational institutions.
Sensitive student records were stolen in the MOVEit data breach, which was discovered on June 20.
National Student Clearinghouse, a network comprising 3,600 colleges/universities and 22,000 high schools, confirmed the breach.
About MOVEit
MOVEit is a managed file transfer software developed by Progress Software Corp, widely used across sectors for sharing information.
The platform offers cloud-based file transfer management software and runs in virtual environments.
Targeting Educational Institutions and Beyond
The MOVEit platform suffered a cyberattack on May 31, 2023, with Cl0p ransomware, impacting 2,053 organizations and 57,624,249 individuals as of September 22, 2023.
Over 90% of the impacted organizations were in the US.
The National Student Clearinghouse, a non-profit organization, confirmed that around 900 colleges/universities were affected by the MOVEit attack.
The breach involved the unauthorized access of sensitive student data, including names, contact details, school records, and more.
The organization took steps to enhance security, including software patching, stricter monitoring, and offering identity monitoring services for affected individuals.
The MOVEit hack has far-reaching consequences, affecting various organizations beyond educational institutions, including Norton’s parent company, Gen Digital, the US Department of Energy, Siemens Energy, Shell, and Schneider Electric.
Notable entities like the French government agency Pole Emploi, the Colorado Department of Health Care Policy and Financing, and Maximus also suffered significant data breaches.
Takeaways
For organizations that are still utilizing an exposed version of MOVEit, it is crucial to address this issue promptly, as ample time has passed for remediation.
We continue to monitor developments related to the MOVEit attack. For further updates and analysis, please refer to our earlier news articles on this topic:
- What We Have Learned from MOVEit Attacks
- Cl0p Extorts MOVEit Data
- Massive MOVEit Data Breach: Millions of IDs Exposed
- Merck’s $1.4B NotPetya Insurance Claim Settlement
- US Cancer Center Hit: Ransomware Breaches Patient Data
- Yahoo! Faces 10M EUR Data Protection Violation Fine in France
- Cyberattack Exposes 9 Million Patient Records in the US
- [CVSS 9+] CISA Releases Nineteen Advisories for Industrial Control Systems
- McLaren Health Care Hit by Ransomware