MOVEit Hack Continues to Cause Issues for Consumers 

Our Identity Theft Resolution Center reports they are currently seeing approximately 15% of all victims of identity theft being traced back to a data breach, with the MOVEit breach as the most prevalent. It’s important to remind your account holders who are eligible for professional identity theft services that they can reach out for help. 

Even if their concern turns out to be a false alarm, our compassionate and knowledgeable Identity Recovery Advocates can put their mind at ease and let them know that you are standing behind them. 

What is the MOVEit breach?

In late May 2023, Progress Software announced to their customers that it had discovered a vulnerability in its MOVEit products that could lead to potential unauthorized access to data, and the company released a security patch, all within 48 hours of discovery according to a notice on the Progress Software website.

Many of the corporate users of MOVEit were not able to patch the vulnerability in time to prevent intrusion. MOVEit is used by companies to ship large amounts of often sensitive data: pension information, Social Security numbers, medical records, billing data, and the like. 

Many of those organizations were handling data on behalf of other companies, who in turn, got the data from third parties. This vulnerability has turned into a long-term hack that has spiraled outward in a variety of ways. By some estimates, the breach has already affected more than 40 million people, and this is just the beginning.

What is MOVEit and what does it do?

MOVEit is a Managed File Transfer (MFT) application produced by Progress Software Corporation, a Burlington, Massachusetts-based technology company that provides information technology services that support business applications. According to the company, their product, MOVEit Transfer, supports the exchange of files and data between servers, systems, and applications within and between organizations. Individual users also engage with their common shared folder system with browser access. The service is used by thousands of companies all over the world.

Who is behind the MOVEit breach?

The cyber threat group responsible for the MOVEit breach is a Russian ransomware gang that calls itself “CloP”. This group is known for stealing data of companies and then demanding multi-million dollars payments to keep the information from being released. CloP may also go by different names and it has ties to other hacking groups that overlap with each other to create a larger interconnected criminal enterprise.

“Clop” is the Russian word for “bedbug”, and like its name, has the capacity, and now the means to continue to be insidious and multiply over time, turning this single vulnerability into a growing network of consumer information breaches.

Why is this breach different than most others?

The MOVEit breach is unique based on a dangerous combination of three key factors. First, the type of information stolen is particularly sensitive and can cause the most harm in the hands of fraudsters. Second, the sheer size and complexity of the number of companies affected by the breach is immense. Lastly, the hackers are releasing troves of data slowly, which is like seeing multiple breach events happening with continuing regularity. There is no way to know for sure what the final impact of this vulnerability will be or how long it will go on.

These digital extortionists have adapted and are becoming increasingly determined to get the data out through any means necessary, including creating new websites and most recently sharing the stolen data on peer-to-peer networks.

What should we expect next?

Almost three months after the announcement about the MOVEit vulnerability there continues to be more and more companies coming forward with disclosures that their data has been compromised. This increases the potential numbers of consumers whose information may be in the hands of fraudsters. In turn, this creates an extended threat of compromise for individuals and will likely create unpredictable waves of fraud that will affect consumers for many months.