The Vermont Department of Financial Regulation oversees major financial and insurance-related businesses throughout the state. The major banking and insurance companies must answer to this regulatory organization, which means that many people supply the organization with personal and business-related data. That's why it's upsetting to learn the organization suffered from a recent data breach. The breach may have released information for as many as 42,000 individuals.
We don't have specific data about what information was taken in this breach. We suspect significant personal information was lost, and the data taken may include all of the following.
It's likely that the information taken varies for each of the individuals involved, meaning that each person may have lost a combination of this information but not all of it.
This Vermont Dept of Financial Regulation breach occurred because the organization used the MOVEit file transfer service to protect sensitive documents. This service recently suffered from a serious security problem that enabled select hacker groups to break into the file databases of companies connected to the software. The hackers broke into the Vermont Dept. of Financial Regulation's files through the software and stole a huge amount of information.
The breach likely occurred near the end of May or the beginning of June 2023. There are no specific details about when the breach was first identified, but we suspect it occurred around that time because other victims of MOVEit-related breaches lost information around then.
Approximately 42,000 Vermont residents could be impacted by this data breach. The residents that work most closely with the Vermont Department of Financial Regulation or businesses that must comply with government regulatory requirements are likely the victims.
We do not know how many Vermont Financial Regulation files were lost in this breach. It's likely that thousands were involved, and we know that more than 42,000 residents lost information in it.