The headline items from the 2024 Verizon DBIR include a 180% jump in vulnerability exploitation from 2023's numbers, and non-malicious employee elements continuing to play a role in over two-thirds of breaches as phishing remains a major threat.
Threat actors accessed personal and protected health information from the Colorado Department of Health Care after third-party vendor IBM suffered a MOVEit data breach.
Centers for Medicare & Medicaid Services (CMS) is notifying 946,801 Medicare beneficiaries that the May 2023 MOVEit breach compromised their protected health and personal information.
Flagstar Bank suffered a MOVEit data breach via a third-party payment processor and mobile banking services provider, impacting over 800,000 customers in the US.
The university system became aware of the MOVEit breach in late May of last year and blocked the software on its network, so it is very likely that the stolen data was already dumped to the dark web or sold some time ago.
The state government of Maine has confirmed a MOVEit data breach that leaked extensive personally identifiable information of basically all 1.3 million residents.
The MOVEit data breach saw about 632,000 emails from the Departments of Defense and Justice accessed by a criminal hacking group based in Russia, in addition to already-documented personal information leaks at some 1,000 companies.
The damage tally from the massive MOVEit data breach continues to go up, as a US government contractor is reporting that 8 to 11 million records of health data have been exposed.
German banks Deutsche Bank AG, ING, Postbank, and Commerzbank’s subsidiary Comdirect, have leaked customer data via third-party service provider MOVEit data breach.
Sony Interactive Entertainment has confirmed a MOVEit data breach that leaked the personal information of current and former employees and their family members.