Government services provider Maximus hit by MOVEit attack

Government services provider Maximus hit by MOVEit attack

Posted on

Government services provider Maximus Inc. is the latest victim of the Clop ransomware gang’s targeting of a critical vulnerability in Progress Software Corp.’s MOVEit file transfer software, with data belonging to up to 11 million people stolen.

Maximus, which provides services for Medicaid, Medicare, health care reform, welfare-to-work and student loan servicing, disclosed it had been hacked in a U.S. Securities and Exchange Commission filing. The filing states that the company became aware that data could have been compromised after the revelation that the MOVEit file transfer software had been compromised on May 31, but does not give a specific date when it detected that its internal systems had also been compromised.

After ordering an investigation of the incident, Maximus found data belonging to at least eight million to 11 million individuals had been impacted. The data stolen was personal information, including Social Security numbers, protected health information and/or personally identifiable information.

Maximus is informing affected customers and is working with federal and state regulators. Customers will also be offered free credit monitoring and identification restoration services.

The one thing that isn’t clear from the disclosure is whether the victims were exclusively in the U.S. or other countries. While reports refer to Maximus as a “U.S. government contractor,” the company also provides services to governments in other English-speaking countries – Canada, the U.K. and Australia.

Maximus isn’t the first organization to be compromised due to the vulnerability in MOVEit and won’t be the last. On June 7, it was reported that the BBC, British Airways Plc and the pharmacy chain Boots UK Ltd. may have had payroll data stolen in a MOVEit attack. On June 15, the list of known victims grew to include the U.S. Department of Energy, Shell Plc, UnitedHealthcare Student Resources, the University of Georgia, the University System of Georgia, Heidelberger Druckmaschinen AG and Landal Greenparks.

MOVEit is managed file transfer software designed to provide secure and compliant file transfers for sensitive data within and between organizations. The vulnerability, officially designated CVE-2023-34362, allows an unauthenticated, remote attacker to send a specially crafted SQL injection to a vulnerable MOVEit Transfer instance.

“This massive exploit of the MOVEit vulnerability is yet another demonstration of the importance of securing the software supply chain when it comes to data privacy,” Ray Kelly, a fellow at the Synopsys Software Integrity Group, told SiliconANGLE. “The key takeaway for business leaders is clear – just a single vulnerability in one piece of a third-party vendor’s software can lead to the compromise and exposure of personally identifiable information across every organization that vendor services.”

Erfan Shadabi, cybersecurity expert with data security specialists comforte AG, warned that a breach in the healthcare sector is highly damaging due to the sensitive nature of the data involved.

The breach “exposes some of the most private personal and medical information of an already vulnerable section of the population, leading to identity theft, medical fraud, and financial losses for individuals and organizations,” Shadabi explained. “Such incidents erode trust, impact patient safety and incur heavy legal and regulatory consequences.”

Image: Maximus

Your vote of support is important to us and it helps us keep the content FREE.

One-click below supports our mission to provide free, deep and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy


Source link

Leave a Reply

Your email address will not be published. Required fields are marked *