A critical vulnerability in the widely used MOVEit file transfer software has led to one of the most extensive corporate data leaks in recent history, affecting millions of employees across 25 major organizations.
The breach, attributed to a zero-day vulnerability known as CVE-2023-34362, has exposed sensitive employee information from global companies in the finance, technology, healthcare, and retail sectors.
A threat actor operating under the alias “Nam3L3ss” has released vast datasets containing detailed employee records stolen during the MOVEit attacks in May 2023.
The leaked data includes names, email addresses, phone numbers, job titles, and, in some cases, entire organizational structures.
Here’s a table showing the number of records stolen from each company in the MOVEit data breach:
Company | Records Stolen |
---|---|
Amazon | 2,861,111 |
MetLife | 585,130 |
Cardinal Health | 407,437 |
HSBC | 280,693 |
Fidelity | 124,464 |
U.S. Bank | 114,076 |
HP | 104,119 |
Canada Post | 69,860 |
Delta Airlines | 57,317 |
Applied Materials | 53,170 |
Leidos | 52,610 |
Charles Schwab | 49,356 |
3M | 48,630 |
Lenovo | 45,522 |
Bristol Myers Squibb | 37,497 |
Omnicom Group | 37,320 |
TIAA | 23,857 |
UBS | 20,462 |
Westinghouse | 18,193 |
Urban Outfitters | 17,553 |
Rush University | 15,853 |
British Telecom | 15,347 |
Firmenich | 13,248 |
City National Bank | 9,358 |
McDonald’s | 3,295 |
This table shows the extent of the data breach, with Amazon being the most severely impacted, having over 2.8 million records stolen. The breach affected companies across various sectors, including technology, finance, healthcare, and retail.
Other affected organizations include U.S. Bank, HP, Delta Airlines, Charles Schwab, 3M, Lenovo, and McDonald’s, among others. The total number of compromised records across all 25 companies exceeds 5 million.
The leaked datasets contain highly structured information, revealing not only contact details but also sensitive internal data such as cost center codes and departmental assignments.
Security researchers at Hudson Rock have verified the authenticity of the data by cross-referencing it with LinkedIn profiles and information from previous infostealer infections.
Nam3L3ss claims this leak represents just a fraction of the data in their possession, hinting at potentially more extensive disclosures in the coming days. The hacker’s motives remain unclear, as they deny any attempts at blackmail or ransom demands.
While the Clop ransomware gang initially exploited the MOVEit vulnerability, researchers cannot yet confirm whether Nam3L3ss is affiliated with Clop or acted independently.
The breach poses significant risks for affected organizations and their employees. These include:
In response to the breach, cybersecurity experts recommend several mitigation strategies:
Amazon has confirmed the breach, stating that a third-party property management vendor was compromised, affecting employee work contact information. The company asserts that its core systems remain secure and that no sensitive personal data, such as Social Security numbers or financial information, was exposed.
As organizations deal with the consequences of this significant data leak, the incident highlights the essential need for timely security patching and strong cybersecurity measures in an increasingly interconnected digital landscape.
The full extent of the breach’s impact is still unfolding, and more revelations may come soon.