MOVEit Software Breach: What You Need to Know
In May, MOVEit, a prominent file transfer platform by Progress Software, fell victim to a cyberattack orchestrated by the Russian ransomware group Cl0p. The perpetrators exploited a previously unidentified vulnerability in Progress’s system. Even though a security patch was promptly released post-discovery, several users who failed to update remained vulnerable.
MOVEit is employed globally by many governments, financial institutions, and public and private enterprises. Preliminary estimates suggest that data from around 455 organizations and a staggering 23 million individuals using MOVEit was compromised.
Some of the notable affected organizations include:
– The US Department of Energy
– New York City Department of Education
– UCLA
– Shell
– Ernst & Young
– Northwest Mutual
– Pacific Premier Bank
– TransAmerica Life Insurance
– Honeywell
– Bristol Myers Squibb
– Gen/Norton LifeLock
– Radisson Hotel
– BBC
– British Airways
A majority (73%) of these affected entities are US-based, with the finance, professional services, and education sectors being the hardest hit.
Cl0p ransomware, active since 2019, often exposes stolen data on the dark web – the internet’s underworld where anonymous cybercriminal activities thrive. Evidence points towards FIN11, a cybercrime group with ties to Russia and Ukraine, behind Cl0p. They’re speculated to be a subset of the more expansive TA505 operation.
The gravity of this breach is magnified as many compromised entities have a vast clientele, including other businesses and government bodies. If you’re linked to any of these institutions, your data might be at risk.
**Did You Receive a Breach Notification?**
Surprisingly, this security lapse didn’t capture the mainstream media’s attention as expected. Companies are, however, legally bound to notify affected parties if their data is jeopardized. Notifications could be via email or traditional post. Yet, emails might be lost to spam filters, and notifying millions via post can be logistically challenging.
For those utilizing MOVEit, it’s imperative to:
– Update all passwords and PINs immediately.
– Opt for strong, unique passwords with a mix of upper and lower-case letters, numbers, and symbols.
– Activate multifactor authentication (MFA) for essential software and web services like Microsoft Office, QuickBooks, and online banking.
Concerned about your company’s data exposure on the dark web? Click here for a complimentary Dark Web Vulnerability Scan exclusive to organizations (not available for individuals). Provide us with your domain, and we’ll confidentially share the findings. For inquiries, reach us at 941-240-2675.
