Weekly Cybersecurity Recap July 28
Table of Contents
- By Steven
- Jul 28, 2023
Near the end of July, the MOVEit data breaches that occurred back in May are still doing serious damage and hurting major companies. Three of the five breaches reported this week were due to MOVEit-related attacks, including Milliman Solutions, the National Student Clearinghouse, and 1st Source Bank. The other two companies that suffered from major data breaches this week are Microsoft and the Tramp General Hospital. Millions of consumers had their personal and health data stolen this week, and many large businesses were hurt by these attacks. Read on to learn the specifics about each breach and if any impact you directly.
Milliman Solutions, a risk-assessment company that contracts for insurance providers, was recently the victim of a major data breach. The company relied on third-party providers that use MOVEit file transfer services. The MOVEIt software was recently hacked, which is how attackers were able to steal information for more than 1 million individuals whose data was being processed by Milliman Solutions. The information included Social Security numbers and names and could be used for identity theft attacks.
The Tampa General Hospital is a mid-sized hospital located in Tampa Florida. The facility is used for academic research and provides tertiary care to the people of Tampa. The hospital suffered a data breach that exposed data for 1.2 million patients. Among the data were Social Security numbers, treatment information, health insurance, and more. The hospital reached out to the FBI in an effort to track down the attackers and resolve the issue.
National Student Clearinghouse
The National Student Clearinghouse verifies students looking to attend college. The organization recently suffered data breaches connected to the MOVEit file transfer service and lost student and employee data for major colleges such as SUNY Fredonia, the UB University at Buffalo, Olympic College, Lake Sumter Community College, and many others. Individuals involved in this data breach lost addresses, Social Security numbers, full names, and other personal data points used for identification purposes.
A significant number of businesses began losing data to Microsoft Office 365 cloud service data breaches. Major companies using the Office 365 service were breached and had confidential data stolen. The breach was detected in June 2023 and is suspected to be to aid espionage for Chinese companies. There is no specific information about what business data was stolen, and we don't yet know if consumer data was taken in the attack. Microsoft is stepping up its security protections on its cloud service as a precaution against future attacks, but Microsoft products are always heavily targeted, and they will likely suffer from another breach in the future.
1st Source Bank
On July 14, 1st Source Bank reported a data breach to the Maine Attorney General. The breach was due to the Zero-Day vulnerabilities in the MOVEit file transfer software. This breach impacted more than 450,000 bank customers. The customers lost personal data, including Driver's License numbers, Social Security numbers, and more. The bank is providing 12 months of credit monitoring services to the victims.