Data breaches in the United States reach an unprecedented peak
Rise in Data Breaches Linked to MOVEit Vulnerabilities
Data breaches have reached an all-time high this year, surpassing the record set in 2021, according to a report released by the Identity Theft Resource Center (ITRC) last week. The report highlights that supply-chain attacks are a major factor in the increase in data breaches this year, with many attacks targeting Progress Software's MOVEit file-transfer service.
The widespread exploitation of a vulnerability in MOVEit has resulted in significant data breaches, impacting millions of individuals and over 600 organizations, including major companies and sectors such as payroll services, media, education, finance, and insurance. The public reports detail hundreds of millions of data points stolen across affected entities, although precise consolidated figures per individual are not fully disclosed.
The MOVEit breaches were responsible for four of the top eight data compromises in Q3 2023. The surge in zero-day attacks that ITRC recorded is related to the spree of attacks against MOVEit: 86 data breach disclosures involved zero-day attacks through the first nine months of 2023, compared to just 5 in 2022.
James Lee, COO at ITRC, stated that supply chains are an attractive target for attackers due to the large amount of customer data they often hold. He emphasized that the majority of data breaches, approximately 60%, are the result of attacks against just 87 organizations, many of them attacks against Progress Software's MOVEit file-transfer service.
Lee also suggested that stronger vendor requirements and due diligence are necessary to reduce the number of supply-chain attacks. He stated that defenders win more fights with attackers than they lose, and the losses tend to get a lot of attention, but the vast number of attacks fail.
To prevent such attacks, ITRC recommends prompt patching, multi-factor authentication, strong password policies, behavioral and AI-driven detection, regular offline backups, user awareness training, comprehensive supply chain security, and timely breach detection and containment.
Data breach notices filed by Maximus, IBM Consulting, CareSource, and PH Tech, all attributed to the mass exploitation of a zero-day vulnerability in MOVEit, exposed the PII of over 20 million people combined. Despite the alarming figures, Lee stated that vast troves of data are available as a result of compromises and scams, but that this does not mean people, individually or collectively, need to feel frustrated or despair.
In conclusion, the MOVEit breaches underline that unpatched software vulnerabilities in widely used enterprise tools can rapidly lead to extensive multi-industry data compromises. Combining technical defenses, procedural vigilance, and user education remains essential to preventing similar incidents.
- Unpatched vulnerabilities in Progress Software's MOVEit file-transfer service have led to a significant increase in data breaches this year, with repercussions for approximately 600 organizations across various sectors.
- The reported data breaches, such as those linked to Maximus, IBM Consulting, CareSource, and PH Tech, have exposed the personally identifiable information (PII) of over 20 million individuals, demonstrating the widespread impact of these vulnerabilities.
- To address this issue and minimize the risk of similar data breaches in the future, ITRC recommends implementing prompt patching, multi-factor authentication, strong password policies, and comprehensive supply chain security, among other measures.
- The ongoing MOVEit vulnerability saga serves as a stark reminder of the importance of cybersecurity and the need for a proactive approach to addressing cybersecurity issues.