Data Breach

MOVEit (Extended Impact) Data Breach

95.0M records exposed • May 2023

One bug in file transfer software called MOVEit led to thousands of organizations getting hacked. The Cl0p ransomware gang stole data from government agencies, airlines, and banks all at once.

What Happened

The MOVEit breach affected over 2,500 organizations and 95 million individuals worldwide. Major victims included Shell, British Airways, US government agencies, and many universities.

Attack method: SQL injection zero-day

What Data Was Exposed

Names, Social Security numbers, Financial data, Medical records, Varies by victim

Is your business exposed?

What to Do If You're Affected

1.
Check if any service you use was affected
2.
Enroll in any offered identity monitoring
3.
Monitor for breach notifications

Lessons for Businesses

• File transfer software is a critical attack surface
• Mass exploitation can hit thousands simultaneously
• Supply chain vulnerabilities have cascading effects

Sources

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-158a

Related Breaches

Moveit

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required