US government contractor Maximus recently confirmed a significant data breach. The breach, affecting between 8 and 11 million people, is part of the escalating MOVEit Transfer data-theft attacks. Maximus, a vital player in managing and administering US government-sponsored programs, had to admit this cybersecurity mishap amidst increasing global concerns over data security.
Details of the data breach
Maximus, with a workforce of 34,300 people and revenue of approximately $4.25 billion, operates extensively across the U.S., Canada, Australia, and the U.K. In a Form 8-K filed with the Securities and Exchange Commission (SEC), Maximus disclosed that the data breach resulted from a zero-day vulnerability (CVE-2023-34362) in the MOVEit file transfer application. The infamous Clop ransomware gang is known for exploiting this flaw to infiltrate numerous notable companies worldwide.
Despite the breach’s seriousness, Maximus clarified that there was no evidence of the hackers infiltrating beyond the MOVEit environment, which was immediately isolated from the rest of the corporate network.
What’s at stake and the aftermath
Nevertheless, even this restricted access exposed the personal information of millions of individuals, including social security numbers and protected health information. Maximus is in the process of notifying the affected individuals.
Maximus has projected an expense of about $15 million for the quarter ending June 30, 2023, its estimate of the total cost of the investigation and remediation activities related to the incident.
The role of Clop ransomware gang
The Clop ransomware gang announced the Maximus breach on their dark web data leak site, boasting about breaching 70 more victims using the MOVEit zero-day flaw. According to their claims, they have stolen 169GB of data from Maximus’ MOVEit Transfer server. The process of extortion is ongoing, as no data has been leaked yet.
With the list of victims of the MOVEit zero-day flaw expanding, Clop has resorted to even more aggressive extortion tactics. The gang has set up clearweb sites to expose the stolen data of particular companies, widening the potential audience and increasing the pressure on the victims.
This incident underscores the criticality of effective cybersecurity practices in the current digital era.