Vitality MOVEit Data Breach Impacts GuidePoint
- By Steven
- Aug 15, 2023
The Vitality Group, LLC, a business-to-business vendor that provides employee benefit services to GuidePoint Security, experienced a security vulnerability on May 30, 2023 relating to the third-party file transfer program called MOVEit. The zero-day vulnerability became known in established security networks and channels late on May 31, 2023, and was specifically picked up and identified by internal Vitality security personnel on June 1, 2023. Vitality took immediate action and temporarily disabled access to MOVEit to protect Vitality’s members’ data privacy. After reviewing the incident, Vitality confirmed that some of GuidePoint’s information relating to its employees had been accessed by the unauthorized third party.
A previous version of this article contained material inaccuracies. By way of example, the article stated that GuidePoint suffered a security incident that exposed its customer data. As stated above, GuidePoint’s vendor suffered the security incident and none of GuidePoint’s customer data was exposed. IDStrong apologizes to GuidePoint for publishing these erroneous statements.