The Maine state government is the latest victim to disclose a breach related to the MOVEit mass hack, thought to be the largest hacking incident of the year by the numbers of victims alone.
MOVEit systems are file transfer servers used by thousands of organizations around the world to move large sets of often-sensitive data over the internet. In May, the system’s maker Progress Software fixed a vulnerability that allowed cybercriminals — specifically the notorious Clop ransomware and extortion gang — to mass-hack MOVEit servers around the world and steal the customers’ sensitive data stored inside.
According to cybersecurity firm Emsisoft, which has been tracking the mass exploitation, more than 2,500 organizations have disclosed MOVEit-related data breaches, affecting at least 69 million people — though the true number is likely to be far higher as more organizations come forward.
Emsisoft lists Maine’s security incident as the eleventh largest MOVEit-related breach disclosed at the time of writing, behind Ontario’s birth registry; the states of Colorado, Oregon, and Louisiana; and U.S. government contractor Maximus. Several U.S. federal agencies were also affected including the U.S. Department of Energy.
Clop has not yet listed Maine on its leak site as it has with other MOVEit-related victims. Ransomware gangs often publish portions of the stolen files to extort organizations into paying a ransom. The Clop gang has previously claimed it deletes government data. Cybercriminals are known to mislead or outright lie if it results in them getting paid, or retain the stolen data if it can be financially valuable elsewhere.