IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

MOVEit

Coverage of the MOVEit incident and related cybersecurity issues.

As ransomware attacks have continued to hit state and local organizations — and tech advancements like generative AI have continued apace — cyber experts predict evolving malicious tactics for 2024.
The breach that exposed the data of an estimated 1.3 million residents was discovered six months before notifications were sent out. Experts say the delay was necessary to investigate the incident.
The breach affected more than half of the data held by state’s Department of Health and Human Services, as well as data from other agencies. The incident affects 1.3 million people, in some cases exposing Social Security numbers.
UMass Chan Medical School learned about a security incident on June 1 that may have compromised names, birthdates, social security numbers, financial accounts or other sensitive information of more than 134,000 people.
A vendor used by the Georgia Teachers Retirement System to prevent benefit overpayments was part of the widely reported MOVEit hack, potentially impacting those who were paid benefits between March 1 and May 26.
For the second time in the state, a large number of people had their data exposed when hackers exploited vulnerabilities in the file transfer tool MOVEit. The breach targeted a contractor to the Oregon Health Plan.
Officials announced that the county had been targeted by CL0p, a hacking group tied to Russia, in a cybersecurity breach of the common file transfer tool MOVEit. A range of sensitive personal data was affected in the breach.
The county is currently looking into whether data was exposed during a breach of a file transfer system used by a billing provider for its fire and emergency services system.
The attack highlights risks around holiday weekend attacks, targeted software supply chains and the growing popularity of data-theft-based extortion. Still, zero-day exploits comprise only a small slice of extortion attacks.
Widely used platforms like MOVEit are a prime target for cyber extortionists, who will likely continue these kinds of attacks, but there are also strategies that can help organizations prepare.