The cyberattack on the widely used software tool, MoveIt, has expanded to more companies, leading to a rise in lawsuits alleging mishandling of data. This incident highlights how cyberattacks can impact supply chains, as some companies have been affected even if they didn’t directly use MoveIt but had business partners who did.
Brett Callow, a threat analyst at cybersecurity company Emsisoft, emphasizes the complexity of the situation and the uncertainty faced by organizations regarding their exposure to the attack. According to Callow, more than 200 companies have reported being affected by the cyberattacks on MoveIt, with hackers claiming credit for targeting nearly 400 organizations. The Cl0p ransomware group has taken responsibility for these attacks and has even published data from some victims on its illegal website.
Progress Software, the company behind MoveIt, has released patches to address the vulnerabilities discovered. However, additional flaws were identified, and more fixes were issued. Progress Software remains committed to supporting its customers and working with cybersecurity experts to investigate the issue and implement appropriate response measures.
The consequences of personal data exposure in MoveIt hacks are significant, both for businesses and individuals. Leaked data can be exploited in future targeted attacks, leading to potential harm for individuals. Moreover, companies affected by such attacks often face legal actions that can be lengthy and challenging.
Genworth Financial, a life-insurance company not directly using MoveIt, was impacted because of its population research supplier, PBI Research Services. Hackers accessed the personal data of millions of Genworth customers and insurance agents, including sensitive information such as Social Security numbers. PBI Research Services, which was attacked on June 2, has notified affected customers about the data breach.
Hackers have been increasingly targeting widely used technology tools, affecting companies and governments worldwide. Similar to the SolarWinds and Kaseya attacks, the cyberattack on MoveIt has had far-reaching consequences. Shell, for example, disclosed that personal information about its employees was accessed through the MoveIt hack. The extent of data involvement in these incidents is still being investigated.
Suzie Squier, president of the Retail and Hospitality Information Sharing and Analysis Center, highlights the challenge faced by companies in determining if their suppliers were affected by the MoveIt attacks. This necessitates additional investigation by cyber teams to ensure data security.
Johns Hopkins University and its health system faced a class-action lawsuit on behalf of those whose information was exposed in a MoveIt attack. The institution is actively communicating with impacted individuals to address their privacy and security concerns.
As the number of victim companies continues to rise, the financial impact of this cyberattack is expected to be significant. The incident serves as a reminder of the importance of robust cybersecurity measures and the need for continuous vigilance in protecting sensitive data.
[Author: Catherine Stupp]
Denial of responsibility! VigourTimes is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
