The MOVEit data breach, discussed in an earlier post, continues to make headlines. As SDX reports:
Orchestrated by ransomware gang CL0P exploiting a zero-day vulnerability, it is now considered one of the largest hacks of 2023 — and potentially in recent history. To date, it is known to have impacted more than 1,150 organizations and nearly 56 million individuals, putting its global cost at close to $11 billion.
As Alex Holden of Hold Security commented, pushing data to the cloud too quickly can leave data vulnerable. Holden didn’t mince any words in criticizing the software:
MOVEit had fallacies in its legacy products that had not been given proper care or monitoring, Holden said. There was also a lack of webroot file monitoring and quantitative analysis that could have identified the massive transfers CL0P was making.
“Very sophomoric-level vulnerabilities found within MOVEit software led to this whole demise,” said Holden.
Read the article at SDX Central.