MOVEit hack claims Calpers and Genworth as millions more victims impacted

Send a link to a friend  Share

[June 23, 2023]  (Reuters) -The number of victims of the MOVEit hack grew by several million on Thursday after the biggest U.S. pension fund, Calpers, and insurer Genworth Financial said personal information of their members and customers had been compromised.  

A sign at California Public Employees' Retirement System (CalPERS) headquarters in Sacramento, California, U.S. February 14, 2017. REUTERS/Max Whittaker

Both said a third-party vendor, PBI Research Services, was affected in a data theft hack, providing a path for the hackers to then steal data from Calpers and Genworth. PBI could not be reached for comment.

Calpers said on June 6, 2023, PBI told them of a “vulnerability” in their MOVEit Transfer software that allowed hackers to download “our data” without specifying how many people were impacted. News reports said information from more than 700,000 Calpers members and retirees was taken.

The MOVEit software is widely-used by organisations around the world to share sensitive data.

Genworth Financial was harder hit, saying personal information of nearly 2.5 million to 2.7 million of its customers was breached.

"The personal information of a significant number of insurance policyholders or other customers of its life insurance businesses was unlawfully accessed," Genworth said.

From U.S. government departments to the UK's telecom regulator and energy giant Shell, a range of victims have emerged since Burlington, Massachusetts-based Progress Software found the security flaw in its MOVEit Transfer product last month.

The insurer said it is working to ensure "protection services" are provided to the impacted individuals, according to a regulatory filing.

Data taken from Calpers included members' first and last name, date of birth and social security number. It serves more than 2 million members in its retirement system.

The MOVEit hack has hit several state and federal agencies. Last week, the U.S. Department of Energy got ransom requests from the Russia-linked extortion group Cl0p at both its nuclear waste facility and scientific education facility that were recently hit in a global hacking campaign.

Data was compromised at the two DOE entities after hackers breached their systems through a security flaw in MOVEit Transfer.

The wide-ranging impact of the hack shows how even the most security-minded federal agencies are struggling to defend against ransomware attacks. Ransomware gangs typically scour for such widely-used tools.

(Reporting by Niket Nishant in Bengaluru and Chris Sanders in Washington DC; Editing by Maju Samuel and Daniel Wallis)

[© 2023 Thomson Reuters. All rights reserved.]
This material may not be published, broadcast, rewritten or redistributed.  Thompson Reuters is solely responsible for this content.

 

 

Back to top