Executive Summary
A successive MOVEit hack in the US breached data for about 1.3 million individuals.
The State of Maine was the target. The State addresses the fallout by securing affected information, offering credit monitoring services, and establishing a dedicated call center for citizens.
This incident is part of a broader MOVEit hacking campaign conducted by the Cl0p ransomware group. The estimated total financial impact of this campaign is roughly in the billions of dollars.
The MOVEit hacks exploit a vulnerability, CVE-2023-34362 with a CVSS score of 9.8. The successful exploits highlight the widespread vulnerability of file transfer platforms, with severe consequences for organisations and individuals alike.
What Happened
On May 31, 2023, the State of Maine faced a software vulnerability in MOVEit, a third-party file transfer tool widely used globally. Cybercriminals exploited this vulnerability to compromise data belonging to certain State agencies.
The data breach impacted approximately 1.3 million individuals. The type of data accessed by the threat actors varies on the individual and their association with the State. Compromised data may include sensitive information such as the Social Security number (SSN), date of birth, driver’s license/state identification number, taxpayer identification number, medical information, and health insurance information of some individuals.
The State took measures to secure its information. These include limiting MOVEit server access, implementing security measures, engaging legal counsel and external cybersecurity experts, and conducting a thorough investigation. Additionally, a dedicated call center has been established to assist citizens in determining if their data was compromised.
The MoveIt Hacks
The MOVEit hacks extend beyond the State of Maine, as evidenced by a large-scale hacking campaign orchestrated by the Cl0p ransomware group. The campaign targeted the MOVEit Transfer file transfer platform, impacting around 1,000 organizations and 60,144,069 individuals. Notable affected organisations include Maximus, Pôle emploi, Louisiana Office of Motor Vehicles, and others.
Please refer to our previous articles for more information about the MoveIt Hacks:
- Sony’s MOVEit Breach: Employee Data Exposed
- MOVEit Hack: Further Insights and Implications
- Continued MOVEit Data Breach: 3+ Million Individuals Affected
- What We Have Learned from MOVEit Attacks
- Cl0p Extorts MOVEit Data
- Massive MOVEit Transfer Data Breach: Millions of IDs Exposed
Cybersecurity firms Emsisoft and Resecurity reported on the extensive reach of the MOVEit campaign. Accordingly, finance, professional services, and education sectors are the most heavily impacted. The financial implications of the breaches are challenging to quantify accurately. However, estimates based on IBM’s “Cost of a Data Breach Report 2023” suggest potential costs reaching billions of dollars.
These attacks underscore the severity and scale of contemporary cybersecurity threats. Robust measures are indeed necessary to safeguard sensitive information and mitigate the far-reaching consequences of such breaches.
- Russian APT Group Breaches HPE’s Emails
- Yahoo! Faces 10M EUR Data Protection Violation Fine in France
- [CVSS 7+] Unprecedented HTTP/2 DDoS Attack
- Joomla! Alert: Address Exploited Vulnerability Immediately
- [CVSS 8+] Apple Releases Critical Security Updates
- [Zero-Day]Ongoing Battle between Cisco and Exploit Actors