MOVEit Breach Continues to Snap Up Victims
June 30, 2023 – Published on InformationWeek
The full scope of the MOVEit breach is still coming to light. On May 31, software company Progress discovered a vulnerability (CVE-2023-34362) in its MOVEit Transfer and MOVEit Cloud file transfer tools. Payroll provider Zellis was a victim of the breach, as well as some of its customers, including pharmacy chain Boots, broadcaster BBC, airline British Airways, and airline Aer Lingus. Since the vulnerability was discovered, Progress has moved to investigate and patch the vulnerability. But the number of victims swept up in the breach is growing.
The Clop Ransomware Gang has been linked to the MOVEit attack. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation released an advisory to address the group’s exploitation of the MOVEit vulnerability.
And the list of victims gets longer, organizations will need to be vigilant. In addition to following recommendations and applying the security patches from Progress, potential victims will need to be prepared for incident response. Are there signs of a breach, and has any data theft occurred?
“Organizations using MOVEit should also conduct a thorough review of what data is accessible using MOVEit and make determinations of whether additional safeguards must be put in place to mitigate risk associated with potential data loss,” says Drew Schmitt, the GuidePoint research and intelligence team lead analyst at cybersecurity consulting services company GuidePoint Security.
The MOVEit attack is another reminder of the difficult task of managing third-party risk. “One of the biggest implications coming out of the MOVEit attack is how many organizations are being publicly named as being impacted and what that means for organizations they have relationships with,” says Schmitt.
Read More HERE.