Unbeknownst to you, a tool being actively used to steal data in ongoing breach events may be lurking on your network.
What ongoing breach events are we talking about?
In early 2023 the cyber community became aware that a tool name MOVEit, which is widely used for moving data by companies, had been compromised by the Russian speaking Clop ransomware gang and was being used to commit cyber crime. In recent weeks however the scope and scale of this event has begun to dramatically expand. What was initially being reported by CNN as a limited event affecting only a few agencies in a few states, has continued to grow in size daily as more and more high profile victims are added to the list.
Check back often to keep an eye on the end of this article for recent headlines and breach announcements regarding the MOVEit breach.
How does that affect me?
You may have never heard of MOVEit before and you’re thinking this doesn’t represent a risk in your business, unfortunately it may be there without you knowing it. Because this product was so widely used, you may have software applications or systems on your network that come from vendors who do use MOVEit.
At Rocky Mountain Cybersecurity we have identified instances of the MOVEit application on our client networks that they didn’t know where there, and were found to be from a vendor that was no longer used. The fact is unless you have scanned for it’s presence, you can’t be sure this application isn’t lurking somewhere on your network.
Partnering with a cybersecurity expert like Rocky Mountain Cybersecurity
Supply chain security is a complex and multifaceted issue. One effective way to begin is by partnering with a cybersecurity expert like Rocky Mountain Cybersecurity. We have a wealth of experience and expertise in this area and can provide the support and guidance you need to ensure a secure and safe future for your business. Don’t go it alone – get in touch with us today and let us help you take the first steps towards a safer tomorrow.
Contact us today! – 307-288-0222 – www.rmcybersecurity.com – info@rmcybersecurity.com
Victim List:
https://konbriefing.com/en-topics/cyber-attacks-moveit-victim-list.html
Current Headlines And Breach Announcements:
- https://www.bleepingcomputer.com/news/security/colorado-warns-4-million-of-data-stolen-in-ibm-moveit-breach/
- https://techcrunch.com/2023/07/27/us-government-contractor-says-moveit-hackers-accessed-health-data-of-at-least-8-million-individuals/
- https://finance.yahoo.com/news/banks-hotels-hospitals-among-latest-143001058.html
- https://finance.yahoo.com/news/1st-source-says-data-compromised-210934836.html
- https://techcrunch.com/2023/07/06/more-organizations-confirm-moveit-related-breaches-as-hackers-claim-to-publish-stolen-data/
- https://techcrunch.com/2023/06/16/us-confirms-federal-agencies-hit-by-moveit-breach-as-hackers-list-more-victims/
- https://www.yahoo.com/news/latest-victim-moveit-data-breach-202206063.html
