Maximus, a US government contractor, said that MOVEit Transfer hackers stole the personal details, including the Social Security numbers (SSNs), of 8 to 11 million people.
“The Company believes that the personal information of a significant number of individuals was accessed by an unauthorized third party by exploiting this MOVEit vulnerability,” Maximus said in an 8-K form filed with the Securities and Exchange Commission (SEC).
According to the filing, an investigation of the incident determined which files were impacted. However, the review of the files is still ongoing, which implies that Maximus is still trying to determine who exactly was affected by the data breach.
The US government contractor believes that at least 8 to 11 million individuals were exposed and will be notified about the incident. Maximus, which employs over 39,000 staff, administers US government-sponsored programs such as Medicaid and Medicare.
“Based on the review of impacted files to date, the Company believes those files contain personal information, including social security numbers, protected health information and/or other personal information,” the company said.
The incident’s investigation doesn’t suggest that the attackers moved beyond the MOVEit environment, and Maximus says that there’s no impact on its business operations due to the breach. However, the filing says that investigation and remediation efforts are expected to cost $15 million.
Who’s behind MOVEit attacks?
So far, 520 organizations have been confirmed to be impacted by Cl0p’s MOVEit Transfer attacks, with over 36 million people having their data exposed. The Cl0p ransomware cartel has taken credit for the massive wave of data breaches.
Cl0p is a Russia-linked ransom group claiming responsibility for exploiting a SQL database injection flaw in the MOVEit Transfer file system, impacting thousands of companies worldwide.
Most recently, Deloitte, a New York City-based global auditing and accounting firm, confirmed that it also fell victim to the MOVEit attacks, joining others from the Big Four financial service giants, PWC and EY.
Exclusive information, vetted by Cybernews, indicates that at least some of Cl0p’s affiliates might be residing in Kramatorsk, a Ukrainian city in the country’s embattled east. US officials are offering a $10 million bounty on the Cl0p gang.
More from Cybernews:
Subscribe to our newsletter