Data Breach
MOVEit (Progress Software) Data Breach
95.0M records exposed • May 2023
MOVEit is software that companies use to send files securely. The Clop ransomware gang found a bug that let them steal data from any company using MOVEit. They hit thousands of organizations at once—government agencies, banks, hospitals, universities. If any company you've done business with used MOVEit, your data might be in this breach.
What Happened
The Clop ransomware gang exploited a zero-day SQL injection vulnerability in MOVEit file transfer software to conduct a mass data theft campaign. Over 2,700 organizations were affected, including government agencies, airlines, healthcare providers, and financial institutions. The incident highlighted how a single software vulnerability can cascade across thousands of organizations.
Attack method: SQL injection zero-day vulnerability (CVE-2023-34362)
What Data Was Exposed
Varies by organization, Personal identifiable information, Financial data, Healthcare records, Government records, HR data, Payroll information
Is your business exposed?
What to Do If You're Affected
- 1.
Check the MOVEit victim list for organizations you've interacted with
- 2.
Monitor for breach notifications from affected organizations
- 3.
Freeze credit if SSN may have been exposed
- 4.
Enroll in free credit monitoring offered by affected organizations
- 5.
Watch for targeted phishing using specific stolen data
- 6.
Assume government data (DMV, benefits) may be compromised
Lessons for Businesses
- • Supply chain attacks can impact thousands of organizations simultaneously
- • File transfer software is an attractive target for attackers
- • Zero-day vulnerabilities in enterprise software pose systemic risk
- • Incident response must extend to all software dependencies
Sources
Related Breaches
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required