The MOVEit incident eclipses them, though, both in the number of victim organizations and individuals whose data was compromised. Antivirus company Emsisoft has been tracking the number of MOVEit victim organizations that have publicly declared they were impacted since May. The researchers have combed individual US state breach notifications, filings with the US Securities and Exchange Commission, public disclosures, and Clop’s own disclosure website to tabulate and reconcile the true toll of the attacks.
To date, Emsisoft has concluded that 2,167 organizations have been impacted by the sprawling campaign. The number had been hovering around 1,000 in recent months, but it jumped significantly when the National Student Clearinghouse revealed 890 colleges and universities across the US—including Harvard University and Stanford University—had been impacted by MOVEit breaches. Organizations in the US account for 88.8 percent of known victims, according to Emsisoft, while a smattering of other organizations in Germany, Canada, and the UK have also been exposed by Clop and come forward.
According to Emsisoft’s analysis, around 1,841 organizations have disclosed breaches, but only 189 of them have specified how many individuals were impacted by the incident. From these detailed disclosures, Emsisoft has found that more than 62 million individuals had their data breached as part of Clop’s MOVEit spree. But since there are estimated to be nearly 2,000 organizations that have not revealed how many individuals had personal data affected in their breaches—and since researchers have concluded that there are other impacted organizations that haven’t come forward at all—the true total of people whose data was compromised is likely even larger, possibly on the scale of hundreds of millions of individuals, according to Emsisoft.
“It’s inevitable that there are corporate victims that don’t yet know they’re victims and there are individuals out there who don’t yet know they’ve been impacted,” says Brett Callow, a threat analyst at Emsisoft. “MOVEit is especially significant simply because of the number of victims, who those victims are, the sensitivity of the data that was obtained, and the multitude of ways that data can be used.”
Censys’ Austin says file transfer tools are by their nature a “fantastic target” for cybercriminals. The whole purpose of the tools is to manage and share data, so these services are often trusted with large volumes of sensitive information. BORN Ontario said in a statement last week that the data taken in the breach was from those “seeking pregnancy care and newborns.” This included lab test results, pregnancy risk factors, and procedures. Names, dates of birth, government ID numbers like Social Security numbers, addresses, and more have all been compromised in other MOVEit incidents.
While cybercriminal groups often make headlines for attention-grabbing ransomware or extortion attacks, such as those against casinos, persistent and unrelenting theft, publication, extortion, and trade of people’s sensitive data from sprees like the MOVEit rampage can ruin lives—a cumulative reality that is often overshadowed by individual incidents where profits are on the line. Hacks on schools have revealed details of sexual assaults, child abuse allegations, and suicide attempts, with the Associated Press reporting individuals often don’t know the details have been published. Meanwhile, breaches of mental health service providers have exposed patients’ records.
Callows says that he suspects the slow drip of MOVEit-related disclosures “will rumble on for years.” More broadly, he and Austin emphasize that defenders should prepare for cybercriminals to continue targeting widely-used data management software. As Callow puts it, “MOVEIt isn’t the first file transfer application to be exploited and it likely will not be the last.”
Just last week, MOVEit developer Progress Software disclosed a new set of vulnerabilities in one of its file transfer tools for servers, known as WS_FTP Server, along with patches for the flaws. The company says that it has not “currently” seen evidence that the bugs are being actively exploited.
EU agrees to first-of-its-kind comprehensive AI regulations
Patrick Mahomes’ Brother Jackson Compliments Travis Kelce’s Ex: ‘Pretty’
I won World Darts Champs but got nickname after rolling in cowpats in my old job
Hyatt Global President of Operations, Chuck Floyd, Announces Retirement
Former attorney for family of man accused of killing Gabby Petito files response to 3rd amended complaint
Moment burned volcano survivors plead for help after getting caught in deadly eruption that claimed 11 lives and left 12 others missing
Introducing SELF’s Diet Culture Detox Course!
Look: Sheikh Mohamed, Kamala Harris discuss bilateral relations,regional developments at COP28
Score a free footlong chocolate chip cookie at Subway in NYC on National Cookie Day
House could have articles of impeachment against Biden ready in first half of 2024
South Korea plunging deeper into sub export markets
Former NFL TE accidentally ‘devalued’ an important piece of Tom Brady memorabilia
The roots and depths of Israel’s Hamas intel failure
Jaylen Brown’s ejection adds drama, but Celtics beat Knicks: 8 takeaways
Ryan O’Neal Through the Years: The ‘Love Story’ Star’s Life in Photos
News19 hours ago
U.S. issues strongest criticism of Israel yet as civilian deaths in Gaza surge
News19 hours ago
Hunter Biden: Read the indictment against president’s son in full
Investing18 hours ago
Here are Friday’s biggest analyst calls: Apple, Tesla, Boeing, First Solar, Qorvo, Exxon, Meta, O’Reilly & more
News22 hours ago
GOP’s Brutal Math: Trump Could Secure Nomination Before Conviction
Auto15 hours ago
The Tesla Cybertruck Has Strong Sales Potential, But Only If US Buyers Step Up
News23 hours ago
Dozens of Palestinians are captured by IDF, stripped and paraded around Gaza
News22 hours ago
Taiwan says Chinese balloon spotted over Taiwan Strait ahead of crucial election
Travel19 hours ago
Local Vibes Come to a Regenerated Area of Aruba