Another case highlights how defenseless we are against data theft.
We also recently reported that the hackers who hacked the file transfer software MOVEit in May They also accessed the data of CCleaner userssimply because the developers of the maintenance software also use the solution for – in principle – safe transfer of files.
However, due to the popularity of MOVEit, CCleaner was far from the only actor whose data was leaked, and now it has become clear that the entire population of the state of Maine, located in the northeastern tip of the United States, is also involved in the matter.
THE Mashable according to his report this was acknowledged by the state itself in an official statement shared on its government portal, which reveals that cybercriminals managed to obtain the data of approximately 1.3 million people through MOVEit. According to a 2020 report, Maine has a total of 1.368 million residents, so practically every local person has experienced a cyber attack.
As for the nature of the data that fell into the wrong hands, according to the statement, sensitive information such as citizens’ name, date of birth, driver’s license number, medical and health insurance information, tax ID number and so on may have been leaked during the May 28-29 attack. .
Whose data was stolen depends to a large extent on what information the person gave to the state agencies using MOVEit: for example, if someone provided more data than average as a participant in a special program, the hackers got hold of that too.
According to the suspicion, the attack against MOVEit could have been carried out by a Russian gang, Cl0p, by exploiting a SQL vulnerability, which allowed them to access the provider’s database without authentication. THE As compiled by KonBriefing the attack affected 2,388 organizations and the data of 67-72 million people.