IT Security Guru

MOVEit latest: US Government services provider Maximus hit

by The Gurus
July 28, 2023

The MOVEit attack continues to evolve, with a new development this week. Maximus Inc., a US government services provider, is the latest victim of the Clop ransomware gang’s exploitation of a critical vulnerability in Progress Software Corp.’s MOVEit file transfer software. It is estimated that as many as 11 million people have had information stolen.

Maximus specialises in providing services for the US healthcare industry, specifically Medicaid, Medicare, health care reform, welfare-to-work and student loan servicing.

The company declared the incident to the U.S. Securities and Exchange Commission after becoming aware it had been impacted by the initial MOVEit vulnerability attack that has plagued organisations around the world. At present, it is unclear who the victims are or where they are from, because Maximus also provides services outside the US, in countries such as Australia, Canada and the UK.

With the attack attributed to the Clop ransomware group, Maximus joins a seemingly growing list of high-profile companies that have been affected, which includes the US Department of Energy, Shell, the BBC, British Airways and the University of Georgia.

We reached out to industry experts to gather their thoughts on this attack:

Elliott Wilkes, chief technology officer at Advanced Cyber Defence Systems:

“If ever there was an example of why you need to closely monitor and continuously evaluate the security of your suppliers and supply chain, look no further than the MOVEit vulnerabilities that were disclosed in June of this year. While the company behind MOVEit file transfer technology has released patches for the two zero-day vulnerabilities that were discovered in June, many large organisations aren’t very nimble when it comes to patching systems, even when critical vulnerabilities are exposed like this. This is perhaps the largest breach of this calendar year, but due to the challenge organisations have with patching their vulnerable systems in a timely manner, this won’t be the last breach due to MOVEit we hear about.

What’s interesting is that the company behind the MOVEit software appears to have all of its compliance-driven security checks and protocols in place, things like PCI-DSS and HIPAA, requirements to manage credit card and health PII, respectively. It is clear that these compliance frameworks are simply the starting point for security posture. Organisations that manage large swaths of customer data and sensitive personal information must perform regular and continuous audits of their systems, checking their configurations and versions for vulnerabilities. It is important to use multiple methods and vendors to perform rigorous security testing of your internal systems as well as the products you deliver to customers. This includes penetration testing but also establishing internal teams to perform continuous validation of your security. These can be enhanced with bug bounty programs that use monetary incentives to get ethical security researchers to test your systems. I’ve seen a fair number of SQL-injection vulnerabilities (like this one in MOVEit file transfer system) caught by ethical hackers working on bug bounties for key systems in the US government and beyond. This class of vulnerability is certainly not beyond the scope of regular programmes and security tools that have emerged in the past decade.”

Erfan Shadabi, cybersecurity expert at comforte AG: 

“A breach in the healthcare sector is highly damaging due to the sensitive nature of the data involved. It exposes some of the most private personal and medical information of an already vulnerable section of the population, leading to identity theft, medical fraud, and financial losses for individuals and organizations. Such incidents erode trust, impact patient safety, and incur heavy legal and regulatory consequences. Organizations, especially in the healthcare sector, should prioritize data-centric security measures. By adopting robust data-centric security strategies, organizations can protect sensitive information at its core, mitigating the impact of potential breaches. Encrypted data, strict access controls, and continuous monitoring are essential components to safeguard personal and healthcare data effectively.”

Ray Kelly, fellow at the Synopsys Software Integrity Group:

“This massive exploit of the MOVEit vulnerability is yet another demonstration of the importance of securing the software supply chain when it comes to data privacy. The key takeaway for business leaders is clear—just a single vulnerability in one piece of a third-party vendor’s software can lead to the compromise and exposure of personally identifiable information across every organization that vendor services. Organizations should ensure that any third-party vendor performs regular security assessments across their entire portfolio and infrastructure, and also meets compliance policy standards such as GDPR and SOX. Unfortunately, adopting these practices is not a silver bullet and does not ensure your organization’s protection against a future ransomware attack via the software supply chain.”
