Progress Software, the owner of the MOVEit file transfer tool, is dealing with dozens of class action lawsuits and investigations from U.S. agencies. This follows a significant security breach in May which led to the theft of a vast amount of data by the Clop ransomware gang.
Extent of the Damage
The fallout from the security breach is extensive:
- Hundreds of important organizations across the globe faced data theft due to this security lapse.
- Regulatory filings reveal that 23 MOVEit customers have demanded indemnification from Progress Software.
- Additionally, 58 class action lawsuits have been filed against the company. To manage this situation, there’s a proposal to consolidate these cases for a hearing at the U.S. District Court in Massachusetts.
- It’s estimated that over 62 million individuals and 2,000 organizations were affected by these breaches. Data compromised includes sensitive personal details such as Social Security numbers and banking information, as per The Record.
Investigations and Financial Implications
On the investigation front, Progress Software is collaborating with several investigative bodies. The Securities and Exchange Commission (SEC) has initiated a preliminary inquiry, issuing a subpoena to Progress Software. This action by the SEC is currently exploratory and doesn’t indicate any formal allegations.
Financially, while the MOVEit Transfer product constitutes a minor portion of their recent revenue, the incident has brought about additional expenses. Insurance has covered a portion, but the company has reported expenditures of around $1 million related to the MOVEit incident.
The Broader Implications
The implications of this incident go beyond just Progress Software. A lot of companies are still reporting breaches related to the vulnerability. For instance, Flagstar Bank Michigan has shared information about a data exposure incident impacting over 800,000 of its clients, linking it to the MOVEit vulnerability.
MOVEit disclosed the first vulnerability (CVE-2023-34362) on May 31, and released a fix the same day. The next two vulnerabilities (CVE-2023-35036 & CVE-2023-35708) were discovered on June 9 and June 15, respectively, and were followed by two new patches.
All patches are available on the company’s website, and security experts advise customers to apply them. Progress Software has also established a regular Service Pack program for all MOVEit products. All details on major releases, service packs, and hotfixes can be found in the MOVEit Product Hub.
Protecting Your Company from Zero-Day Attacks
Zero-day vulnerabilities pose serious security risks, leaving you vulnerable to zero-day attacks, which can further damage your computer or personal data. It’s smart and highly recommended to take both proactive and reactive security measures to keep them both safe.
Patching is the first step in preventing potential exploits. It is quickly followed by traffic filtering and scanning, which both prevent communication with command and control servers. When a zero-day vulnerability is announced, most software vendors work quickly to patch it, so make sure you check for a solution.
Applying software patches as soon as they become available reduces the exploit window and thus helps you avoid zero-day attacks. The Heimdal Patch and Asset Management solution allows you to automate your patching process and manage vulnerabilities more effectively.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.