When Grab PH bought motorcycle taxi app Move It, I thought I would become a 1st-time customer of that service. I use Grab, so it already has my info. I wouldn't need to sign up and type all my details. How convenient.
But Move It wasn't integrated into the Grab app. Instead, I would have to download a new app.
This time, it's (get this...) my employer's Canadian subsidiary's group health plan's provider's banking partner's provider of file transfer services, #MOVEit.
"The type of #data accessed could include any of..." <everything needed for #identity#theft>, and as an extra-special bonus, "#Health information relating to a claim"!
The breach, as outlined in Delta Dental of California’s notification, involved unauthorized access by threat actors who exploited a zero-day SQL injection flaw in the MOVEit file transfer software (CVE-2023-34362).
In light of yet more #MOVEit breach disclosures, @censys researchers took another look at MOVEit exposure across the Internet. In early May, prior to Progress Software's disclosure of the initial vulnerability, we saw just under 3,000 MOVEit instances online. Over the next few months, we saw the number drop slightly, and as of August, we observe a fairly consistent presence of around 2,200 instances online.
We have no way to know whether these instances are all patched and remediated, but based on recent MOVEit breach disclosures from AutoZone, Welltok, and others, it's possible some unpatched instances (and undiscovered intrusions 😓) remain.
About 250,000 construction workers are potentially victims of an international data leak that affects a medical insurance provider of the Commission de la construction du Québec. #CCQ#MOVEit
Last week I chatted with @mattburgess at WIRED about the long tail of fallout from #MOVEit. Read my comments and the excellent article by Matt and @lhn here:
Progress Software is having an interesting time. First #MOVEit, now multiple #vulnerability disclosures for their #WS_FTP product. The silver lining here is that it doesn’t look like any of these are known to have been exploited in the wild. (Yet?)
But out of curiosity, we looked at the Internet exposure of WS_FTP instances with the Ad Hoc Transfer module installed, read about it here ⬇️
Hackers Accessed 632,000 Email Addresses at US Justice, Defense Departments (www.bloomberg.com)
The eight-page report said hackers were able to obtain access to the data by exploiting vulnerability in the MOVEit file transfer program