The government of Maine has confirmed that over a million individuals had their personal information stolen in a data breach earlier this year orchestrated by a Russia-linked ransomware gang. The hackers exploited a vulnerability in the MOVEit file-transfer system used by the state, gaining unauthorized access to files belonging to certain state agencies. The stolen information may include names, dates of birth, Social Security numbers, driver’s licenses, taxpayer identification numbers, and, in some cases, medical and health insurance details. The breach affects various state agencies, with the Department of Health and Human Services being the most impacted.
Key Points:
- Breach Details:
- The Maine government disclosed a data breach involving the theft of personal information of over a million individuals.
- The breach occurred through exploitation of a vulnerability in the MOVEit file-transfer system, a mass hacking incident linked to the Clop ransomware gang.
- Stolen Information:
- The stolen information may include names, dates of birth, Social Security numbers, driver’s licenses, taxpayer identification numbers, and, in some cases, medical and health insurance details.
- Affected State Agencies:
- More than half of the stolen data relates to Maine’s Department of Health and Human Services, while around a third affects the Department of Education. Other impacted agencies include the Bureau of Motor Vehicles and the Department of Corrections.
- Scope of Impact:
- The breach affects various individuals for reasons such as residency, employment, or interaction with a state agency. The data held by the state varies by person.
- Maine’s government spokesperson clarified that the breach is “not a match to the current population,” and out-of-state individuals were also exposed.
- MOVEit Mass Hack:
- The breach is part of the larger MOVEit mass hack, considered one of the largest hacking incidents of the year. MOVEit systems, used for file transfer, were exploited by the Clop ransomware gang, affecting thousands of organizations globally.
- Clop Gang’s Track Record:
- The Clop ransomware gang has a track record of targeting file transfer tools, including Fortra’s GoAnywhere and Accellion’s file transfer application.
- Clop has not yet listed Maine on its leak site, where ransomware gangs often publish stolen files, claiming to delete government data.
- Regulatory Scrutiny:
- Progress Software, the maker of MOVEit, disclosed that the U.S. Securities and Exchange Commission (SEC) has subpoenaed the company seeking documents and information related to the MOVEit vulnerability. Progress Software intends to cooperate fully with the SEC’s investigation.
Conclusion:
The data breach affecting the Maine government underscores the widespread impact of the MOVEit mass hack, with numerous organizations falling victim to the Clop ransomware gang. The incident highlights the vulnerabilities associated with file transfer systems and the persistence of ransomware threats. The regulatory scrutiny facing Progress Software further emphasizes the importance of cybersecurity measures and prompt responses to vulnerabilities to prevent such incidents. Organizations are urged to prioritize cybersecurity best practices to mitigate the risk of ransomware attacks and data breaches.