Based in Milwaukee, the Medical College of Wisconsin (MCW) offers thousands of students learning opportunities. MCW utilizes many vendors to complete and assist with admin duties for the college; Progress Software’s MOVEit file transfer tool was one of these. However, that will likely change, given MOVEit’s evolving data breach.
MOVEit’s file transfer tool allows users to move files seamlessly, regardless of differing software. The utility of its tools got back shelved earlier this year when a zero-day vulnerability appeared within its system. The vulnerability allowed hackers to enter organization systems worldwide.
Progress Software announced MOVEit’s vulnerability on May 31st, 2023; impacted organizations immediately began investigations. MCW completed its review around September 21st, confirming the attack occurred around May 27th. MCW began sending notices to those impacted around November 14th.
It is unclear what groups may feel the impact of the breach. Medical patients, students, attending doctors, associated faculty, alums, and vendors may have information exposed in the breach. Until more is made public, anyone associated with MCW could have data at risk for misuse.
The total number of impacted files is unclear. The Texas Attorney General’s website breach filing indicates 550 Texans impacted, but the final number is higher. At this time, all parties with a relationship with MCW should take preventative measures to secure their data. Increasing your account security wherever possible, then invest in monitoring services.