The Clop ransomware gang has used a zero-day vulnerability in MOVEit to attack over 600 companies and 40 million people including healthcare organizations, educational institutions, financial institutions, government entities, and others.
The attack, which appears to have been tested by Clop hackers since 2021, but broad exploitation appears to have begun in late May 2023, also exploited weaknesses in Fortra’s GoAnywhere file-transfer service and Accellion’s file-transfer devices. Meanwhile, federal contractor Maximus experienced one of the most serious breaches associated with the MOVEit event, possibly exposing personally identifiable information of up to 11 million people.
Even prestigious schools such as Colorado State University were not immune, falling prey to six separate attacks from diverse perspectives. Third-party suppliers for the institution, such as TIAA, National Student Clearinghouse, Corebridge Financial, Genworth Financial, Sunlife, and The Hartford, all disclosed data breaches connected to the MOVEit attacks.
The hack also spread its tentacles to prominent accounting companies such as Deloitte, Ernst & Young, and PwC, putting sensitive client information at risk.
The sources for this piece include an article in CIODIVE.