Weekly Cybersecurity Recap June 16
Table of Contents
- By Steven
- Published: Jun 16, 2023
- Last Updated: Jun 16, 2023
Data breaches are becoming more prevalent and serious each week in 2023, but this week was a bad one for the MOVEit file transfer service, as well as medical organizations and schools and school districts. Anyone utilizing MOVEit should immediately patch the service for their protection, but we're going to go into specifics about that breach, as well as breaches impacting the Pearland, Texas school district, Intellihartx, the MN Department of Education, and the Utah Medicaid system. Read on for more details that may impact you.
MOVEit File Transfer
The MOVEit file transfer service is a tool used by hundreds of major companies in different parts of the world to send documents between two locations securely. This service suffered a serious breach due to attacks from the C10p ransomware gang, and those attacks resulted in countless American, European, and other companies being exposed. Progress Software, the parent company of this service, alerted the public and created a security patch for the breach on May 31. The organization has until June 14, 2023, to complete negotiations with the C10p ransomware gang, but it appears that many companies will be suffering serious data losses because of this breach.
Pearland Independent School District
The Pearland school district in Texas covers more than 23 campuses and serves over 21,000 students while employing more than 1,700 individuals. The district recently suffered from a data breach starting on November 8, 2022, when suspicious activity was detected on its file network. An investigation on the breach finished by May 18, 2023, and the Maine Attorney General's office was notified on June 6, 2023. Information for up to 55,000 individuals was lost in this breach, including full names, home addresses, birth dates, and Social Security Numbers.
Intellihartx
Intellihartx is a patient payment and collections service that works with hospitals and medical facilities throughout the country. This Tennessee-based company was recently hacked, and nearly 500,000 patients lost their data in the attack, according to the investigation. This breach led to the loss of Social Security numbers, home addresses, medical billing and insurance information, diagnoses, medication types, and more. All this data was released to the public by a hacker attack, and anyone involved should monitor their credit to protect themselves.
MN Department of Education
The MN Department of Education was a victim of the MOVEit file transfer data breach and may have lost serious student and parent data in the breach in the month of May 2023. The breach impacts more than 95,000 students placed in foster care in Minnesota, as well as students taking PSEO Classes at Hennepin Technical College and those in the Perham District qualifying for pandemic electronic benefits. The data involved includes names, birth dates, home addresses, and counties of residence. No financial data is believed to be involved in this breach, but it's still concerning for students in the Minnesota school district.
Utah Medicaid
On May 8, 2023, the Utah Medicaid Department realized it made a critical mistake with its benefits notices. The department sent notification letters for up to 5,800 individuals to the wrong households. The department explained that the error occurred because of software issues, but the error gave away personal information, as well as Social Security Numbers, to the wrong households. It quickly sent out notices to everyone involved explaining to them the issue, but some of the Utah Medicaid recipients are at risk because of this breach, and they should watch over their credit closely.
