In the midst of the global surge in cybersecurity incidents, the MOVEit vulnerability has impacted thousands of organizations worldwide, exposing persistent vulnerabilities. From global energy giant Shell to the New York City Department of Education to the Oregon DMV, it appears that not many organizations are safe from this breach. Now, another victim has emerged.
The National Student Clearinghouse (NSC), a trusted U.S. educational nonprofit, recently announced it also fell victim to this vulnerability. The breach impacted 890 schools in the United States that rely on NSC's services.
In a breach notification letter filed with the Office of the California Attorney General, NSC disclosed that attackers gained unauthorized access to its MOVEit managed file transfer (MFT) server on May 30, 2023. This breach exposed a wide range of personal information, including names, dates of birth, contact information, Social Security numbers, student ID numbers, and various school-related records.
The organization provided more information in a recent security update, saying that it has collaborated with cybersecurity experts to understand the impact on its systems, as well as coordinating with law enforcement agencies and notifying affected organizations. NSC says that there is "no evidence to suggest that the unauthorized party specifically targeted the Clearinghouse, our customers, or other organizations that provide data to the Clearinghouse."
Cybercriminals have increasingly targeted widely-used services and software, knowing the potential reach and impact of their attacks. Experts believe that the fallout from these types of attacks will impact numerous organizations globally, with many already notifying affected customers.
Estimates from cybersecurity professionals suggest that even if a relatively small percentage of victims pay ransom demands, the Clop cyber gang could amass tens of millions of dollars in payments due to their high value demands.
Darren Guccione, CEO and Co-Founder at Keeper Security, shared his thoughts on the MOVEit vulnerability with SecureWorld News:
"As cyber teams continue to address this spate of attacks, the news should serve as a wakeup call to every organization that this serious Zero-Day vulnerability must be remediated immediately. However, as any organization grows and becomes a more appealing target, the quality and focus of these attacks will increase accordingly.
All organizations should take a proactive approach to regularly update software and immediately patch vulnerabilities that are being actively exploited in the wild. Organizations must ensure they have a patch deployment process defined and written down, with emergency levers for critical vulnerabilities. When organizations have a clear plan, their teams can execute it accordingly."
The MOVEit breach has cast a long shadow over the cybersecurity landscape in 2023, serving as a stark reminder of the relentless and evolving nature of cyber threats. Its impact, felt by countless organizations worldwide, has highlighted the pressing need for proactive cybersecurity measures and swift remediation of known vulnerabilities.
Follow SecureWorld News for more stories related to cybersecurity.