MOVEit Hack Compromised Data at Around 600 Organisations Globally; Fallout Is Only Beginning: Cyber Analysts

A major data breach linked to a single American software company has affected approximately 600 organizations worldwide, according to cyber analysts' tallies confirmed by Reuters.

Although Progress Software, based in Massachusetts, disclosed the breach over two months ago, the number of victims continues to grow. The breach has impacted nearly 40 million individuals whose data passed through Progress’ MOVEit Transfer file management program. The hacking group responsible, known as “cl0p”, has now become more aggressive in its attempts to expose the hacked data to the public.

“We are still in the very early stages of this situation,” stated Marc Bleicher, the Chief Technology Officer at Surefire Cyber, an incident response firm. “The true impact and consequences will only be evident in the future.”

MOVEit is software used by organizations to transfer large amounts of sensitive data, including pension information, social security numbers, medical records, billing data, and more. These organizations often handle data on behalf of various third parties, resulting in a complex web of data exposure.

For instance, when cl0p infiltrated MOVEit software used by a company called Pension Benefit Information, which specializes in locating surviving family members of pension fund holders, they gained access to the data of the New York-based Teachers Insurance and Annuity Association of America. This association manages pension programs for 15,000 institutional clients, many of whom are now in the process of notifying their employees regarding the breach.

“It’s like a domino effect,” explained John Hammond from Huntress Security, one of the first researchers to track the breach.

Attacks by groups like cl0p are unfortunately quite common. However, the extensive range of victims affected by the MOVEit compromise – from New York public school students to Louisiana drivers and California retirees – has turned this incident into one of the most notable examples of how a single vulnerability in a lesser-known piece of software can trigger a global privacy catastrophe.

Christopher Budd, a cybersecurity expert at British firm Sophos, emphasized how interconnected organizations are in terms of digital defense.

Progress Software has described itself as the target of “an advanced and persistent cybercriminal group” and says its focus is on supporting its customers.

‘THOUSANDS OF COMPANIES’

The hacking campaign by cl0p began on May 27, according to sources familiar with Progress’ investigation.

Progress was alerted to the breach the following day by a customer who noticed unusual activity. On May 30, the company issued a warning, followed the day after by a “patch”, or software repair, which partially mitigated the hackers’ actions.

“Many organizations were able to deploy the patch before it could be exploited,” stated Eric Goldstein, a senior official at the US Cybersecurity and Infrastructure Security Agency.

Not all organizations escaped unharmed. The exact amount of stolen data and the number of affected companies are unknown, but Nathan Little from Tetra Defense, a company that has responded to numerous MOVEit-related incidents, estimated that thousands of firms were impacted.

“We may never know the exact number,” he commented.

Cybersecurity firm Emsisoft, which has been keeping track of the breach, had identified 597 victims, with around 39.7 million people affected, as of Sunday.

German IT specialist Bert Kondruss compiled similar figures, which Reuters corroborated by cross-checking against public statements, corporate filings, and posts made by cl0p.

WHO HAS BEEN EXPOSED?

Educational institutions, such as colleges, universities, and even New York City public schools, constituted a quarter of the victims, with Emsisoft and Kondruss identifying over 100 in the United States alone.

The exposure extends well beyond academia.

Do you own a car? The Louisiana and Oregon motor vehicle authorities combined have disclosed the breach of approximately 9 million records. Are you retired? Pension management organizations like the California Public Employees’ Retirement System and T. Rowe Price were breached via Pension Benefit Information. A breach at US government contractor Maximus alone resulted in the exposure of records belonging to 8 to 11 million individuals.

There may be a faint silver lining to this situation – the hackers may have obtained more data than they can release.

Alexander Urbelis, a senior counsel at New York-based law firm Crowell & Moring, which has assisted victims in assessing their exposure to the hackers’ activities, stated that the slow download speeds from the hackers’ outdated darknet website have made it nearly impossible for anyone, regardless of intent, to access the stolen data.

Goldstein, the US official, mentioned that “in many cases” the data has not yet been leaked.

It seems that cl0p is attempting to escalate their actions. Towards the end of last month, they created websites specifically designed to further spread the stolen data. They have also started sharing the data through peer-to-peer networks.

This is distressing news for the victims, warns Surefire’s Bleicher.

“Once this data starts to slowly leak, it will become more widespread on the underground,” he explained. As a result, the impact of the breach “will likely be much greater than what we currently anticipate.”

© Thomson Reuters 2023

