In late May, cyber extortionists CL0P compromised third-party secure file transfer service MOVEit, affecting those who used the tool. In June, the group began naming victims worldwide. Counted among the U.S. victims are several federal agencies and several states.
Maine recently finished assessing just how much the impact affected it. Now with the full list of affected individuals in hand, it’s reaching out to notify them.
The specific compromised details may vary by person, but could include dates of birth, driver’s license numbers, Social Security numbers, state identification numbers and/or taxpayer identification numbers as well as medical and health insurance information, per the state.
More than half of the data held by the state Department of Health and Human Services was affected, while 10 to 30 percent of the data held by the Department of Education was likely compromised, state officials said.
There are eight further agencies for which portions of their data that was exposed is either unknown to the state or is less than 1 percent. These include the Department of Administrative and Financial Services’ Office of the Controller; Workers’ Compensation Board; Bureau of Motor Vehicles; Department of Corrections; Department of Economic and Community Development; Department of Administrative and Financial Services’ Bureau of Human Resources; Department of Professional and Financial Regulation; and the Department of Labor’s Bureau of Unemployment Compensation.
A few agencies had information exposed on no more than 10 people. Those agencies include Revenue Services, the Center for Disease Control & Prevention and the Department of Public Safety’s Gambling Control Unit.
The state emphasized that the incident only impacted Maine’s MOVEit server, leaving other state networks and systems unaffected. Upon becoming aware of the incident, officials responded by blocking Internet access to and from those servers. It also adopted security measures recommended by Progress Software, the company behind the file transfer software, and brought in outside cybersecurity experts to help investigate the extent and nature of the incident.
IF YOU WERE AFFECTED
The state is notifying impacted individuals and set up a dedicated call center to field questions. Individuals also can call to confirm whether or not they were affected.
People whose taxpayer identification numbers or Social Security numbers were exposed can call in for assistance getting two free years of credit monitoring and identity theft protection.
The line is open 9 a.m. – 9 p.m. Monday through Friday at 877-618-3659.
