The State of Maine in the United States has been the victim of a cyberattack.
That’s right, the whole state was hacked by a Russian hacking collective.
The state claims that over 1.3 million people’s personal information was compromised via an already known vulnerability in secure transfer service MOVEit Transfer. Unfortunately for the people of Maine, this vulnerability is known to be used by the Cl0p ransomware gang, based out of Russia.
What Happened?
The attack was carried out May 28th and 29th and was known to expose citizens’ Social Security numbers, driver’s license numbers, and other personal state-kept information. There are many that have their medical and health insurance information compromised. The statement said the state of Maine holds information about residents “for various reasons, such as residency, employment, or interaction with a state agency,” and that the data it holds varies by person.
The state announced that more than half of the stolen files were from their Department of Health and Human Services, while another large portion was taken from their Department of Education. Other agencies that were affected by the breach include the Bureau of Motor Vehicles and the Department of Corrections.
A spokesperson for the state said that the total number of Maine residents that had data leaked was around 530,000, or about forty percent of the entire population of the state. All the other information was of people who aren’t current residents of the state.
MOVEit systems file transfer has been a frequently hacked system, resulting in files on over 69 million people being stolen or leaked. It has been used by the CI0P ransomware gang in dozens of attacks over the past calendar year.
This is just one example of how devastating a cyberattack can be. If you want to avoid being the victim of a ransomware attack, or a network breach in general, it’s time to tighten up your cybersecurity. Give our professional technicians a call today at (336) 790-1000 to learn how we can help get you the tools and strategies needed to keep your organization’s data secure.