Millions Hacked as U.S. Gov Servers Suffer Cyber-Attack

Progress (formerly ipswitch)’s MOVEit is the leading secure Managed File Transfer (MFT) software used by thousands of organizations around the world to provide complete visibility and control over file transfer activities. Whether deployed as-a-Service, in the Cloud, or on premises, MOVEit enables your organization to meet compliance standards, easily ensure the reliability of core business processes, and secure the transfer of sensitive data between partners, customers, users and systems.

In a significant blow to data security, a devastating cyber-attack targeting the popular file transfer program MOVEit has resulted in the theft of millions of millions of individuals' data. 

The cyber attackers first started in late May, exploiting a zero-day vulnerability present in certain SQL databases recorded as ‘CVE-2023-34362’, leaving government agencies, organisations, and individuals in Oregon, Louisiana, and a U.S. agency reeling from its consequences. As we delve into the details of this cybercrime, we must take urgent action to fortify cybersecurity measures and protect sensitive information. 

The Scale of the Attack

The meticulously planned attack exploited a vulnerability in the MOVEit server transfer program, which is widely utilised for secure SQL database transfers. Threat actors gained unauthorised access to the software, implanting a malicious backdoor that provided them access to personal data. The ramifications were immense, with the personal information of millions of individuals compromised. 

Among the victims of this cyberattack were the Oregon Judicial Department, the Louisiana State Government, and a U.S. agency. These organisations, entrusted with sensitive data, now face the daunting task of grappling with the potential consequences that the unauthorised access to personal information carries. 

The threat actors successfully exfiltrated an extensive range of personally identifiable information (PII) during the attack. Data compromised includes names, dates of birth, email addresses, social security numbers, and other sensitive personnel information. 

Full List of All Known Recorded Confidential Data Stolen:

• Name

• Address

• Social Security Number

• Birth date

• Height

• Eye Color

• Driver's License Number

• Vehicle Registration Information

• Handicap Placard Information

Ensuring Accountability and Mitigating Impact

In the aftermath of this alarming cyber attack, affected agencies swiftly responded by notifying the affected millions of individuals their data was compromised. Some organisations opted to offer impacted individuals free credit monitoring services to combat potential identity theft and financial fraud. However, the sheer scale of the breach poses challenges in fully rectifying the consequences. 

The MOVEit cyber-attack serves as a stark reminder of the critical need for organisations to prioritise and bolster their cybersecurity defenses. This incident underscores the pressing necessity of implementing robust security measures to safeguard sensitive information, especially within government agencies. Such measures should include regular vulnerability assessments, stringent access controls, and continuous monitoring of unauthorised activities. 

The Hunt for the Culprits

As investigators work tirelessly to trace the origin and identity of the perpetrators behind this cyberattack, the motives remain unknown. However, investigators found that the Clop ransomware group, a Russian hacking group known for obtaining millions of dollars, conducted cyberattacks in the past through ransom payments and still published the stolen data after money transfer.

MOVEit Cyberattack has left a lasting scar on the data security landscape, leaving government agencies, organisations, and individuals vulnerable to potential misuse of their personal information. This breach serves as a call for organisations to build robust cybersecurity defenses capable of withstanding evolving cyber threats. By investing in proactive measures and strengthening the cybersecurity infrastructure as the world progresses further into the digital age.

Your Security is our Priority

Your friendly Support Team

Speak to us about all your computer needs