July 10, 2023

A data breach affecting more than 200 organizations and 17.5 million people has been tied to MOVEit, a file-transfer tool developed by Progress Software Corp., according to Emsisoft researcher Brett Callow.

The breach is believed to have been caused by a vulnerability in MOVEit that allowed hackers to gain unauthorized access to sensitive data being transferred by customers. The vulnerability was first discovered in late May and Progress Software has since released patches to address it.

The Cl0p ransomware gang, with ties to Russia, has taken responsibility for exploiting the MOVEit flaw. This group has also been linked to a similar hacking campaign last year, targeting the Accellion file-transfer tool.

Notable organizations affected by the MOVEit data breach include the Minnesota Department of Education, Ofcom (the UK’s telecommunications regulator), Nova Scotia’s health authority, British Airways, the BBC, John Hopkins, PBI Research Services, the National Student Clearinghouse (NSC), and the Teachers Insurance and Annuity Association of America (TIAA).

Multiple educational institutions, including Trinity, Webster, and Chapman, had their data accessed through both NSC and TIAA. Additionally, the Boots pharmacy chain, the Department of Energy, First Merchant Bank, Plains Capital Bank, and the National Institutes of Health Federal Credit Union were also victims of this attack.

The sources for this piece include an article in Axios.