State of Maine Becomes Latest MOVEit Victim to Surface

  /     /     /  
Publicated : 23/11/2024   Category : security


State of Maine Becomes Latest MOVEit Victim to Surface


The state said 1.3 million individuals have been affected by this breach, which includes Social Security numbers and taxpayer information.



In an online overview published on Nov. 9, the government of Maine confirmed that a group of cybercriminals exploiting the now-infamous vulnerability in the
MOVEit file-transfer tool
to allow them access to files belonging to the State of Maine between May 28 and 29.
This cyber incident was limited to Maines MOVEit server, according to the Maine government website, and no other networks or systems belonging to the state were affected. However, the breach exposed information on 1.3 million individuals, with the type of data affected for each varying person to person. The information that may have been impacted includes names, Social Security numbers (SSNs), dates of birth, drivers license or state identification numbers, taxpayer identification numbers, medical information, and health insurance information.
Once the state became aware of the breach, it secured its information by blocking Internet access from the MOVEit server. It also implemented security measures as directed by Progress Software and launched an investigation of the cyber incident alongside legal counsel and cybersecurity experts.
The state of Maine is just the latest target to come to light in a lengthy string of MOVEit attacks, in which victims include
Shell
(where employees were affected),
Gen Digital
,
National Student Clearinghouse
,
Maximus Inc.
,
Estée Lauder
, and a
government department in Colorado
, among
many others
.
Yet again, we see the MOVEit exploit continuing to hit new victims across all sectors, with more than 640 recorded so far, said Darren Williams, CEO and founder at BlackFog, in an emailed statement. The catastrophic fallout from this hack has demonstrated a cold reality: a significant number of organizations are not prepared to fend off sophisticated breaches.
Individuals can contact Maines call center to find out if their data was affected; they will be offered two years of credit monitoring and identity theft protection services if their SSN or taxpayer identification numbers were involved. The state is also currently notifying individuals who have been affected by this breach through various channels, including emails and letters by mail.
We encourage you to remain vigilant by regularly reviewing your accounts and monitoring credit reports for suspicious activity, according to a
statement on the breach on the Maine website
.
Governments, in particular, bear a critical responsibility to secure the masses of data belonging to their residents, Williams said. They must prioritize the adoption of cutting-edge technologies and proactive strategies to lock down their data and ensure the utmost protection for their citizens.

Last News

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
State of Maine Becomes Latest MOVEit Victim to Surface