MOVEit victim count latest 26K orgs 77M people The Register

pThis article is more than 1 year oldppQuick show of hands whose data hasnt been stolen in the mass exploitation of Progress Softwares vulnerable MOVEit file transfer application AnyoneppAccording to security shop Emsisoft 2620 organizations and more than 77 million individuals have been impacted to date with millions in the past week alone have received notifications that their info was either accessed leaked or both after the Russian ransomware gang Clop exploited a security hole in MOVEit back in May to steal files from compromised instancesppEmbarrassingly antivirus biz Avast is among these newish victims which recently disclosed the crooks accessed some lowrisk customer personal information ppWe take this seriously and are notifying impacted customers and offering dark web monitoring services free of charge the developer xeeted on October 25 ppThat free darkweb monitoring likely came in handy to the 3 million customers whose info has reportedly been leaked on a hacking forumppAccording to the UKs Times the information posted is primarily limited to name andor contact information as well as information on the product you purchased from us No banking details credit card numbers or highrisk data such as login information or account details were taken ppAn Avast spokesperson declined to answer specific questions about the breach though sent The Register the following statementppOur systems are secure and operational We use MOVEit for internal file transfers and immediately remediated all known vulnerabilities when this incident was discovered in June We are up to date on all subsequent patches While there was no impact to our core IT systems or services during continued due diligence we found some of our Avast customers personal information such as name email address and phone number was impacted While this information is not considered high risk we take the safety of our customers extremely seriously and want to ensure they are prepared to be vigilant against any potential phishing threats using this information We have notified customers and offered dark web monitoring free of charge for six monthsppNot one to let an opportunity to upsell slip by the org recommended that affected customers also pay for an enhanced security service As expected users arent too happy with Avasts shameless marketing tactics and took to a web forum to voice their complaintsppI received an email today about Avast customer data being leaked on the dark web In the email Avast recommends signing up for an additional paid service one user noted ppAccording to another customerppI agree that it appears to be touting for future business in a rather underhand way Firstly they admitted to a breach of their security which allowed MY data out into the dark web it also appears to have taken them the best part of a year to discover this then because I am such a valued customer they are offering me the use of their Breachguard product free of charge for 6 monthsppIt appears the old adage that one persons breach is anothers business opportunity rings trueppIn more MOVEit news Welltok which provides patient communication services for healthcare providers across the US has been busy notifying patients that their supposedly private healthcare data really isntppThe Virgin Pulseowned company has sent notification letters to more than 16 million patients alerting them that their names addresses dates of birth and health information may have been stolen by miscreants abusing MOVEit according to a November 18 filing with the Maine Attorney Generals officeppSpecifically this information belonged to people with group health plans from Stanford Health Care Stanford Health Care Lucile Packard Childrens Hospital Stanford Stanford Health Care TriValley Stanford Medicine Partners and Packard Childrens Health AllianceppWelltok did not immediately respond to The Registers request for commentppIn a letter sent to those affected patients Welltok says it first learned that its MOVEit instance had been compromised back in July after it had previously installed all published patches and security upgrades immediately upon such patches being made available by Progress Software PDFppThings basically got worse from there on outppBy August it determined criminals had in fact managed to exfiltrate certain data and in October Welltok began notifying Sutter Health patients that their personal information may have been accessed ppSutter provides health care to more than three million people in northern CaliforniappWelltok also provides patient data communications for Michigans Corewell Health as well as its Priority Health lifestyle portal and a ton of those patients also were hit by the MOVEit breachppLast week Welltok said about one million Corewell Health patients and 2500 Priority Health members were impacted For Priority Health members stolen data included name address and health insurance identification number Corewell Health patients may have had their names dates of birth email addresses phone numbers diagnosis health insurance information and Social Security numbers exposedppAlso last week Welltok notified 89556 patients of St Bernards Healthcare that their data may have been compromised in the MOVEit fiasco ppThe information accessed by the unknown actor may have included depending on the individual their name address date of birth social security number email address phone number patient identification number health insurance information providers name and medical treatment or diagnosis information according to the Arkansasbased health care provider ppSend us newsppThe Register Biting the hand that feeds ITpp
Copyright All rights reserved 19982025

p