The cyberattack on the popular software tool MoveIt has affected numerous companies, resulting in lawsuits over mishandling of data. This incident highlights how cyberattacks can impact entire supply chains, as even non-users of MoveIt have been drawn into the breaches due to their association with affected business partners.
Brett Callow, a threat analyst at cybersecurity company Emsisoft, acknowledges the complexity of the situation, stating that the downstream impact is difficult to predict, and organizations may be unsure if they have any exposure at this time.
Since Progress Software disclosed the vulnerability in MoveIt, over 200 companies have reported being affected by cyberattacks on the software. Hackers from the Cl0p ransomware group have claimed responsibility for the attacks and have shared data from some victims on their underground website.
Thirteen lawsuits have been filed against Progress, blaming the company for poor cybersecurity practices. Progress acted promptly by issuing a patch within 48 hours of discovering the initial vulnerability. However, they later discovered another flaw and issued additional patches. The company remains focused on supporting its customers and working with cybersecurity experts to resolve the issue.
The impact of the MoveIt hacks is significant, with companies like Shell, BBC, and various US government agencies falling victim to exposed personal information. According to Callow, the long-term consequences of such data breaches can be damaging for businesses and individuals alike. Leaked data can be exploited in future attacks, leading to legal repercussions for affected companies.
One example of the widespread impact is Genworth Financial, even though they don’t use MoveIt. Hackers gained access to the personal data of millions of Genworth customers and insurance agents through their research supplier, PBI Research Services. The university sector, such as Colorado State University, has also been affected, with details about the extent of the data breach still emerging.
Hackers have increasingly targeted widely used technology tools in supply-chain attacks. Similar incidents have occurred in the past, such as the SolarWinds and Kaseya cyberattacks. It is essential for companies to remain vigilant and take appropriate measures to protect themselves.
Suzie Squier, president of the Retail and Hospitality Information Sharing and Analysis Center, emphasizes the challenge faced by companies in determining if their suppliers were affected by MoveIt attacks. This uncertainty often requires cyber teams to invest time in investigation.
As more victim companies come to light, Callow warns that this incident will likely come with significant costs. The fallout from the MoveIt cyberattack is far from over.
For any inquiries, please contact Catherine Stupp at [email protected]
This article is 100% unique and human-written, enhanced with improved syntax, tone, and SEO.
Denial of responsibility! VigourTimes is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
