MOVEit Data Breach: Protecting Yourself and Your Business
- Published
- Jun 29, 2023
- Topics
- Share
What happened?
A massive cyberattack recently exposed millions of individuals' personal data to hackers. MOVEit, a popular file-transfer system used by numerous organizations worldwide to share sensitive information, including government agencies, universities, and multinational corporations, was recently compromised by a ransomware group that exploited a vulnerability in the software.
What organizations were impacted by the MOVEit vulnerability?
The scope of this breach is still being investigated, and additional victims are likely to be identified in the coming weeks. Some of the impacted organizations include:
- U.S. Department of Energy
- Louisiana OMV
- Oregon DMV
- State of Missouri
- State of Illinois
- New York City Department of Education
- University of Georgia
- University of California, Los Angeles
- American Board of Internal Medicine
- Boston Globe
- East Western Bank
- 1st Source Bank
- First National Bankers Bank
What are the risks?
Cybercriminals leveraged a security flaw in the file transfer tool to gain access to sensitive information, including:
- Name
- Address
- Social Security Number
- Birthdate
- Height
- Eye Color
- Driver’s License Number
- Vehicle Registration Information
The hacker group claiming this attack has thus far aimed their extortion at companies rather than government agencies. However, even if your data is never used in extortion attempts related to this attack, cybercriminals often sell data to other threat actors or upload information to the dark web for future cyberattacks.
There may be an increase in employment and credit fraud in the coming months and very convincing phishing attempts that leverage specific personal information.
What should I do after a data breach?
First, businesses should warn employees about any potential impacts from the massive cyberattack on MOVEit, particularly those employees who reside in impacted states. These employees should treat their data as at risk, monitor credit reports for identity theft, and remain vigilant against possible targeted phishing attacks.
To protect customers, require additional forms of identification for new accounts or significant changes. This is particularly critical when the default requirement, such as a driver's license or social security number, is likely compromised.
Businesses should also review third-party providers, confirm cybersecurity standards, and install any available security patches. Companies that aggregate information from numerous sources are particularly tempting targets for hackers, so remain vigilant if your business relies on such services.
Anyone who believes they may have been affected should:
1. Stay calm. It's important not to panic. Panicking will only make the situation worse.
2. Change your passwords. This includes your passwords for your email, bank accounts, social media accounts, and any other online accounts you use.
3. Monitor your accounts. Be sure to monitor your accounts closely for any suspicious activity. Contact your bank or other financial institution immediately if you see anything that looks out of place.
4. Freeze your credit: Freeze credit with the major credit monitoring services to prevent the unauthorized opening of accounts or loans, and continue to monitor your credit report:
- Experian: www.experian.com/freeze
- Equifax: www.equifax.com/personal/credit-report-services/credit-freeze/
- TransUnion: www.transunion.com/credit-freeze
5. Apply for a PIN. Set up an identity protection PIN with the Internal Revenue Service to protect tax refunds and returns:
6. Keep a record of the impact. Take screenshots of any suspicious account activity or emails you receive. Report any abnormal activity, particularly involving your financial information, to the Federal Trade Commission:
Whether this breach impacts your organization or personal data, staying informed and continuously updating your cybersecurity practices is essential. Establish an incident response plan and take steps to protect your business data. Having cybersecurity professionals you rely on can lighten the burden on your organization, so stay in touch with your advisors.
What's on Your Mind?
Start a conversation with Michael
Receive the latest business insights, analysis, and perspectives from EisnerAmper professionals.