Medicaid administrator breach exposes 8M+ people

Maximus, a US government contractor, said that MOVEit Transfer hackers stole the personal details, including the Social Security numbers (SSNs), of 8 to 11 million people.

“The Company believes that the personal information of a significant number of individuals was accessed by an unauthorized third party by exploiting this MOVEit vulnerability,” Maximus said in an 8-K form filed with the Securities and Exchange Commission (SEC).

According to the filing, an investigation of the incident determined which files were impacted. However, the review of the files is still ongoing, which implies that Maximus is still trying to determine who exactly was affected by the data breach.

The US government contractor believes that at least 8 to 11 million individuals were exposed and will be notified about the incident. Maximus, which employs over 39,000 staff, administers US government-sponsored programs such as Medicaid and Medicare.

“Based on the review of impacted files to date, the Company believes those files contain personal information, including social security numbers, protected health information and/or other personal information,” the company said.

The investigation of the incident doesn’t suggest that the attackers moved beyond the MOVEit environment, and Maximus says that there’s no impact on its business operations due to the breach. However, the filing says that investigation and remediation efforts are expected to cost $15 million.

Who’s behind MOVEit attacks?

So far, 520 organizations have been confirmed to be impacted by Cl0p’s MOVEit Transfer attacks, with over 36 million people having their data exposed. The Cl0p ransomware cartel has taken credit for the massive wave of data breaches.

Cl0p is a Russia-linked ransomware group claiming responsibility for exploiting a SQL injection flaw in the MOVEit Transfer file transfer software, impacting thousands of companies worldwide.

Most recently, Deloitte, a New York City-based global auditing and accounting firm, confirmed that it also fell victim to the MOVEit attacks, joining fellow Big Four financial services giants PwC and EY.

Named victims include American Airlines, TJX off-price department stores, TomTom, Pioneer Electronics, AutoZone, and Johns Hopkins University and Health System.

Other prominent brand victims include Shutterfly, Warner Bros Discovery, AMC Theatres, Honeywell, Choice Hotels’ Radisson Americas chain, and Crowe accounting advisory firm.

Exclusive information, vetted by Cybernews, indicates that at least some of Cl0p’s affiliates might be residing in Kramatorsk, a Ukrainian city in the country’s embattled east. US officials are offering a $10 million bounty on the Cl0p gang.
