Massive Data Breach Hits Oregon Citizens as Hackers Exploit Vulnerability in MOVEit Transfer

A major data breach has left 1.7 million Oregon citizens vulnerable after hackers exploited a vulnerability in the widely used corporate file transfer tool, MOVEit Transfer. The breach impacted Performance Health Technology (PH Tech), a data management services provider to U.S. healthcare insurers, who confirmed the incident in a recent notice on their website.

According to PH Tech, unauthorized individuals gained access to Progress MOVEit’s software, downloading data files containing sensitive patient information. The compromised data includes names, dates of birth, Social Security numbers, email and postal addresses, member and plan ID numbers, as well as health-related information such as insurance authorizations, diagnosis and procedure codes, and claims details.

The extent of the breach on the number of affected individuals by PH Tech has not been disclosed yet. However, the Oregon Health Authority released a separate notice confirming that approximately 1.7 million of its members were impacted by the breach.

In response to the breach, the Oregon Health Authority is urging members of the Oregon Health Plan to activate credit monitoring as a precautionary measure. The interim director of the Oregon Health Authority, Dave Baden, expressed his concern over bad actors exploiting individuals in the state and the additional burden their actions create for affected citizens.

This is the second time an Oregon state agency has been hit by a MOVEit-related data breach. The Oregon Department of Transportation also fell victim to the mass-hacks, resulting in the compromise of 3.5 million driver’s license and identification cards.

The scope of the breach expands beyond Oregon, as other organizations have fallen victim to similar attacks. U.S. government services contractor Maximus recently reported that hackers accessed protected health information from approximately 11 million individuals, with over 600,000 of those affected being Medicare beneficiaries.

Several other organizations have also confirmed breaches related to MOVEit, including Serco, a contractor for the U.S. government, which reported that hackers accessed personal information from over 10,000 employees. Pennsylvania’s Allegheny County also confirmed a breach impacting nearly a million residents.

Cybersecurity company Emsisoft reported that there are currently 580 known MOVEit victims, affecting personal data from more than 40 million individuals.

The hackers responsible for these breaches are believed to be part of the Russia-linked hacking group called Clop. The group has been actively listing new victims on its dark web leak site and publishing stolen data from targeted organizations. Some notable victims include the U.K. communications regulator Ofcom, Dutch GPS company TomTom, and the U.S. Department of Energy.

The ongoing fallout from the MOVEit mass-hacks indicates a pressing need for heightened cybersecurity measures and increased vigilance from organizations worldwide to protect sensitive data and prevent future breaches.