Search Results for “MOVEit”

Late Discovery: CMS and Wisconsin Physicians Service Insurance Corporation notify 947k of last year’s MOVEit data breach

Posted on September 7, 2024 by Dissent

Susan Morse reports: The Centers for Medicare and Medicaid Services and Wisconsin Physicians Service Insurance Corporation are mailing written notifications to 946,801 people whose protected health information or other personally identifiable information may have been compromised in a cyber breach. A security vulnerability was found in MOVEit software, a third-party application used in the transfer…

One year on, University System of Georgia admits MOVEit attack hit data of 800k people

Posted on May 8, 2024 by Dissent

Connor Jones reports: Just short of a year after the initial incident, the state of Georgia’s higher education government agency has confirmed that it was the victim of an attack on its systems affecting the data of 800,000 people. University System of Georgia (USG), which oversees 26 higher education institutions in the state, filed a disclosure with…

Oregon DMV sued over 2023 MOVEit data breach

Posted on May 4, 2024 by Dissent

In June 2023, DataBreaches reported that the Oregon Department of Motor Vehicles (DMV) had become a victim of the MOVEit breach by Clop. The DMV reported that 3.5 million drivers may have been affected. At the time, the state issued a statement saying, in part: We do not have the ability to identify if any…

CMS Notifies Additional Individuals Potentially Impacted by MOVEit Data Breach

Posted on November 16, 2023 by Dissent

As part of an ongoing investigation into the May 2023 data breach of Progress Software’s MOVEit Transfer software on the corporate network of Maximus Federal Services, Inc. (Maximus Federal Services), a contractor to the Medicare program, the Center for Medicare & Medicaid Services (CMS) has learned of additional individuals whose personally identifiable information (PII) may…

MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246)

Posted on November 9, 2023 by Dissent

Helga Labus reports: A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. […] The (limited) attacks were first spotted by the Microsoft Threat Intelligence team, and they notified Israeli software maker SysAid about them on November…

MOVEit Data Breach Lawsuits Sent to Massachusetts Federal Court

Posted on October 5, 2023 by Dissent

Christopher Brown reports: More than 100 lawsuits arising from a cyberattack on Progress Software Corp.‘s MOVEit file transfer application will be consolidated in federal court in Massachusetts, the Judicial Panel on Multidistrict Litigation said. Centralization of the lawsuits in the US District Court for the District of Massachusetts will serve the convenience of the parties and…