325 views 48 secs 0 comments

Victims of MOVEit breach continue to emerge

In Data Breach News
September 18, 2023

One of the biggest breaches of 2023 involves the 0-day attack by Clop threat actors on file transfer software called MOVEit by Progress Software. The attack was launched in May and June. It affected more than 1,100 entities and more than 56 million people according to statistics compiled by Emsisoft.

One of the most recent victim disclosures was made by Nuance, which is a Microsoft-owned technology firm. Its notice stated it was disclosing on behalf of a number of medical entities:

Image: Dreamstime

Nuance did not disclose the total number affected in its notice, but if it files a notice with HHS on behalf of the same entities, we will then have a number.

Clop threat actors have leaked some of the data they stole from Nuance, and it is not clear how much more data they may have that they will also leak.