Massachusetts Health Officials Alert Over 134,000 Individuals of Data Breach Involving MOVEit Software

honeymoney.toComplaints
Aug. 17, 2023

Health authorities in Massachusetts have issued a grave warning to more than 134,000 individuals, revealing that their personal and sensitive medical information may have been compromised in a far-reaching “worldwide data security incident” linked to the file-transfer program MOVEit. The state’s Executive Office of Health and Human Services (EOHHS) disclosed that the UMass Chan Medical School in Worcester, which serves the agency, has commenced the process of notifying potentially affected individuals who are either currently or were previously enrolled in specific state programs.

The compromised data, as outlined by EOHHS, encompasses a comprehensive array of personal and confidential information, including names, dates of birth, mailing addresses, Social Security numbers, financial data, and protected health information. The latter includes details such as diagnosis and treatment information, prescription data, provider names, dates of service, claims records, health insurance member IDs, and other health insurance-related particulars. The extent of the data exposed varies by individual.

The breach was a result of vulnerabilities in the file-transfer software MOVEit, which has seen implications on a global scale, impacting government agencies, financial institutions, pension funds, and numerous other organizations. EOHHS underscored that neither UMass Chan nor any state systems were compromised directly by the incident.

Individuals receiving notifications are strongly advised to take swift measures to safeguard their information, which includes diligently monitoring financial statements, enrolling in free credit monitoring, and adopting identity theft protection measures provided to those affected.

UMass Chan Medical School acted promptly upon discovering the vulnerability on June 1, initiating an immediate fix, involving law enforcement, and initiating an investigation. Through diligent efforts, UMass Chan identified files susceptible to unauthorized access due to the MOVEit security flaw. By July 27, 2023, it became evident that a subset of these files contained information pertaining to individuals who had received services from EOHHS.

Massachusetts authorities clarified that the file-transfer program MOVEit is licensed by a company named Progress Software and was utilized to transfer files in the course of services rendered by UMass to specific EOHHS agencies and programs.

Earlier reports from June had highlighted that multiple U.S. government agencies also fell victim to the software vulnerability. The U.S. Cybersecurity and Infrastructure Security Agency is now actively engaged in uncovering the origins of the attack and determining the extent of the compromised information.

The incident underscores the critical importance of robust cybersecurity measures and highlights the potential vulnerabilities that can impact organizations and individuals alike in an increasingly digital world. As authorities continue to investigate the breach, affected individuals are encouraged to remain vigilant and take the necessary precautions to safeguard their personal and financial well-being.

Comments
  • There are no comments yet. Your comment can be the first.
Add comment

Nov. 5, 2024 – 13:00 America on Edge: Guard Deployed Nationwide
Nov. 4, 2024 – 09:00 Election 2024: Immigration and Prices Will Decide
Apple Cyber Espionage Campaign Revealed: We Are Being Watched
TikTok Acknowledges Storage of Sensitive American Creator Data in China, Raises Concerns over Data Security
Glitch in Bank App Triggers Chaos as Customers Make Unauthorized Withdrawals
Russian nuclear giant looks to replace Western medical devices