Massive MOVEit campaign already impacted at least 1,000 organizations and 60 million individuals

Pierluigi Paganini August 28, 2023

The recent wave of MOVEit attacks conducted by the Cl0p ransomware gang impacted 1,000 organizations, experts say.

Cybersecurity firm Emsisoft shared disconcerting details about the recent, massive hacking campaign conducted by the Cl0p ransomware group that targeted the MOVEit Transfer file transfer platform designed by Progress Software Corporation.

According to the experts, the attacks impacted approximately 1,000 Organizations and 60,144,069 individuals. The Cl0p ransomware gang exploited the zero-day vulnerability CVE-2023-34362 to hack the platforms used by organizations worldwide and steal their data.

Clop ransomware MOVEit Transfer

The data is sourced from state breach notifications, SEC filings, and other public disclosures, as well as the leak site maintained by the Cl0p group, and is current as of August 25, 2023.

The researchers reported that the attacks impacted tens of millions of individuals. Below is the list of organizations with the highest number of impacted individuals:

Maximus11 million
Pôle emploi10 million
Louisiana Office of Motor Vehicles6 million
Colorado Department of Health Care Policy and Financing4 million
Oregon Department of Transportation3.5 million
Teachers Insurance and Annuity Association of America2.6 million
Genworth2.5 million
PH Tech1.7 million
Milliman Solutions1.2 million
Wilton Reassurance Company1.2 million

“U.S.-based organizations account for 83.9 percent of known victims, Germany-based 3.6 percent, Canada-based 2.6 percent, and U.K.-based 2.1 percent.” reads the report published by Emsisoft. “The most heavily impacted sectors are finance and professional services and education, which account for 24.3 percent and 26.0 percent of incidents respectively.”

The experts explained that is impossible to accurately calculate the cost of the MOVEit security breaches. However, using data from IBM’s “Cost of a Data Breach Report 2023” report, it is possible to estimate the cost. According to the report, data breaches cost an average of $165 USD per record, while the number of individuals impacted by the MOVEit campaign is 60,144,069, this suggests that the total cost is $9,923,771,385. However, Emsisoft highlighted that only a minority of victims have so far reported the number of individuals impacted.

If the same average number of individuals is confirmed to have been impacted for each of the remaining known incidents, the total cost of this campaign will reach $63,896,282,853.

“The MOVEit incident highlights the challenges organizations face in securing their data. It’s not only their own security they need to be concerned about, it’s their supply chains too. Complicating matters further is the fact that attacks which leverage zero-day vulnerabilities, as this one did, are extremely hard to defend against.” concludes the report. “The incident will undoubtedly be extremely costly. Beyond remediation, organizations and their insurers will need to provide credit monitoring to individuals and will undoubtedly face multiple lawsuits.”

Researchers from cybersecurity firm Resecurity also published a report that confirms the data shared by Emsisoft. As of August 23, Resecurity reported that 963 public and private sector organizations was hit by the MOVEit campaign.

“The most impacted sectors are finance, professional services, and education, which collectively account for over 48% of reported victims.” reported Resecurity. “Cl0p is anticipated to generate between $75 mm and $100 mm in primary ransom payouts, making it the most significant cyberattack of all time.”

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, MOVEit)

you might also like

leave a comment