Data Breach

MOVEit Transfer Users Data Breach

93.0M records exposed • May 2023

A bug in file transfer software called MOVEit let hackers break into thousands of companies at once. It was one of the biggest hacks ever, affecting 93 million people.

What Happened

The Clop ransomware group exploited a zero-day SQL injection vulnerability in MOVEit Transfer, affecting over 2,500 organizations and exposing data on 93+ million individuals.

Attack method: SQL injection zero-day vulnerability

What Data Was Exposed

Personal data varies by organization, Financial data, Healthcare records, Government records

Is your business exposed?

What to Do If You're Affected

1.
Check if you are a customer of an affected organization
2.
Freeze credit if financial data was exposed
3.
Monitor for phishing attempts using stolen data

Lessons for Businesses

• Zero-day vulnerabilities can affect supply chains at scale
• File transfer applications need rigorous security
• Third-party risk management is essential

Sources

https://www.progress.com/security/moveit-transfer-and-moveit-cloud-vulnerability

Related Breaches

Moveit, Solarwinds 2020

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required