MOVEit Transfer Exploit Exposes Millions of Users

MOVEit Transfer Exploit Exposes Millions of Users

• The MOVEit transfer breach/ransomeware attacks have affected an estimated tens of millions.
• For a more conclusive list of companies that fell victim to these attacks check here:  https://konbriefing.com/en-topics/cyber-attacks-moveit-victim-list.html

The Details of the Data Breach

Over the last few days, via snail mail, Pension Benefit Information (PBI) revealed that unauthorized individuals gained access to PBI’s MOVEit transfer servers by exploiting a vulnerability within the software. Regretably, they are far from the only one’s who were hit by the ransomeware attack. The number for the total number of victims/companies is ever-changing. With that being said, the link above is seemingly the most conclusive.

The sensitive information that has been exposed as a result of the data breach includes the following:

• Names
• Social Security numbers
• Policy or account numbers
• Dates of birth
• Addresses

A Blow to Businesses

PBI’s services are widespread, thousands of organizations rely on them. From pension funds to insurance companies, businesses count on PBI to figure out whether individuals are eligible for benefits. Aside from PBI, the U.S. Department of Agriculture, U.S. Department of Health, New York Public School system, Deloitte, EY, and TD Ameritrade, to name a few, all were on the receiving end of these attacks. Further, CalPERS—the largest public pension fund in the US, and Genworth a well-known life insurance company have a estimated combined total of 2.7 million compromised users/clients. Needless to say that this breach has caused quite a storm, and no one’s sure where it’ll end.

The Culprit, CLOP

Now, let’s talk about the perpetrators behind this nightmare; the ones who proudly call themselves CLOP. They’re a Russia-linked ransomware gang that has a reputation for wreaking havoc (as seen in this instance). Even in the sights of the US Government, they seem to show no signs of slowing down in their attacks.

These individuals, CLOP, utilize “double-extortion”, a technique to maximize their damage. In short, they steal and encrypt victim’s data, demanding a hefty ransom. If the ransom isn’t paid, they go a step further and publish the stolen data on the dark web or sell it to buyers for any variety of theft-driven motives. It’s a cruel game of digital cat and mouse.

What Should You Do if You Were Affected by the MOVEit breach?

If you have received a notice from Pension Benefit Information, or any of the other companies affected, about the MOVEit transfer breach, it is important to take the following steps to safeguard your personal information and minimize the risk of identity theft:

1. Secure Your Accounts: Change the passwords for all your online accounts, especially those associated with your accounts created in relation with PBI.
2. Monitor Your Credit: Regularly check your credit reports from the major credit bureaus and be vigilant for any suspicious activity or unauthorized accounts. Consider placing a fraud alert or credit freeze on your credit files to provide additional protection.
3. Beware of Phishing Attempts: Be cautious of any emails or phone calls requesting personal information or posing as PBI representatives. Legitimate organizations will not ask for sensitive information through these channels.
4. Enable Two-Factor Authentication: Implement two-factor authentication for all your online accounts whenever possible. (This is a good rule of thumb regardless of this cyber attack)
5. Consider Identity Theft Protection Services: Explore the option of enrolling in identity theft protection services, which can help monitor your personal information and provide assistance in the event of identity theft.

How The MOVEit Transfer Changes PBI Forever?

Regrettably, something that is largely out of the hands of PBI has tarnished it’s reputation for good. Customers, partners, and stakeholders may lose trust in the company’s ability to safeguard their sensitive information. This loss of trust can lead/will lead to a decrease in customer loyalty and potential customer churn.

We have said it before and we will say it again, proactivity is the best policy. Never short your IT infrastructure and never leave a blind spot. Would you rather pay $100k in cybersecurity parameters or $10M in law suits, damage recovery, etc.? Is cybersecurity expensive? Sometimes, yes. Is data recovery even more expensive? Without a doubt. Not only does it cost a lot up front, but it will tarnish a reputation and lead to further revenue loss for the foreseeable future.

Conclusion

The MOVEit Transfer data breach that has affected millions. Stopping these attacks isn’t an easy task; you can cross every -t, dot every -i, and check your spelling ten times over, sometimes it’s just not enough. PBI now suffers a lack of trust from it’s customers, damage to brand reputation, tremendous financial loss, and likely a slew of legal issues to follow.

It truly is a shame that many companies do not take their cybersecurity as serious as they should. Companies that handle such sensitive consumer information should implement things such as zero trust architecture to further protect consumer data.

Affected individuals who fail to be proactive are at a high risk of identity theft and other fraudulent activities. It is crucial for those affected to take immediate action to protect themselves. When securing your online data, pay attention to your bank accounts, credit, and all forms of online media.

To read more articles similar to this, check out our other posts here: https://propersky.com/insights/