According to security shop Emsisoft, 2,620 organizations and more than 77 million individuals have been impacted to date, with millions in the past week alone have received notifications that their info was either accessed, leaked, or both after the Russian ransomware gang Clop exploited a security hole in MOVEit back in May to steal files from compromised instances.
This is the best summary I could come up with:
Quick show of hands: whose data hasn’t been stolen in the mass exploitation of Progress Software’s vulnerable MOVEit file transfer application?
Embarrassingly antivirus biz Avast is among these new-ish victims, which recently disclosed the crooks accessed some “low-risk customer personal information.”
“We take this seriously and are notifying impacted customers and offering dark web monitoring services free of charge,” the developer xeeted on October 25.
As expected, users aren’t too happy with Avast’s “shameless marketing tactics” and took to a web forum to voice their complaints.
The Virgin Pulse-owned company has sent notification letters to more than 1.6 million patients alerting them that their names, addresses, dates of birth, and health information may have been stolen by miscreants abusing MOVEit, according to a November 18 filing with the Maine Attorney General’s office.
By August, it determined criminals had, in fact, managed to “exfiltrate certain data,” and in October Welltok began notifying Sutter Health patients that their personal information may have been accessed.
The original article contains 676 words, the summary contains 162 words. Saved 76%. I’m a bot and I’m open source!
xeeted
Thanks, I hate it.