business What You Need to Know about the MOVEit Ransomware Attack June 20, 2023 Attention businesses…U.S. government officials are warning federal agencies and other businesses of a recent ransomware attack that could have compromised sensitive data. Here’s what you should know. Another cyberattack has hit several companies and organizations in recent weeks. The group taking responsibility for the attack is a hacking organization known as Clop. Clop exploited a vulnerability in a popular corporate file transfer tool called MOVEit. Wondering if you’ve been impacted? How can you protect your data moving forward? We share our thoughts here. What is the scam? Criminals have taken advantage of a vulnerability found in the popular Progress Software's MOVEit file transfer application. As a result, several organizations whose supply chains use the MOVEit app have suffered a data breach and customer data has been stolen. What organizations are affected? The MOVEit software is used by companies across a wide variety of industries including education, finance, energy, healthcare, IT and more. Clop used the flaw to steal files from at least 47 organizations, including the U.S. Department of Energy and British Airways. Additionally all driver’s license information from Louisiana and Oregon was compromised in the attack, exposing birth dates and home addresses of millions of people. What is Clop doing with the stolen data? The hackers have threatened to publish the stolen data if the affected organizations do not negotiate an extortion payment. What should you do if you’re a victim of the breach? Progress (the vendor of the MOVEit software) has issued updated advice on mitigating this vulnerability which you can access here: https://www.progress.com/security/moveit-transfer-and-moveit-cloud-vulnerability. This includes submitting the suspected vulnerability to their Reporting Security Vulnerabilities page. This guidance also includes a new patch for additional vulnerabilities that could be exploited. MOVEit customers should apply the new patch right away. Additionally, we recommend: Keeping systems fully patched with critical updates. Ensure that you have good, clean backups for your data. You want some peace of mind in case you ever need to restore your files. DO NOT click on any links in suspicious emails or pop-ups. Keep all cyber security precautions and protections up to date, including malware and endpoint protection. Educate staff on email vigilance (i.e. never clicking on links or files from mysterious sources). For more information on how to combat a cyberattack, contact us.