The MOVEit Security Breach and Protecting Your Identity

We have recently received several questions from clients & colleagues about news related to the MOVEit security breach.

This article contains some more information about what happened, what to do if you were affected, and also some general information on data security and identify theft.

What happened?

In May 2023, a zero-day vulnerability was discovered in MOVEit, a managed file transfer software used by thousands of organizations around the world. The vulnerability was exploited by the Russian ransomware group CL0P, who stole data from over 340 organizations and 18 million individuals. The organizations affected include educational institutions, government agencies, healthcare organizations, and businesses of all sizes. It’s recommended that organizations that use MOVEit should apply the latest security patches and review their security policies to ensure that they are adequately protecting their data.

What can you do?

If you were affected by the MOVEIT Security Breach, there are a few things you can do to manage a case of identity theft:

• Contact your professional service providers including your advisor, accountants, etc. Let them know what happened so they can prepare accordingly.
• Place a fraud alert on your credit report. This will let creditors know that you may be a victim of identity theft and require them to take extra steps to verify your identity before opening a new account in your name.
• Review your credit report for any unauthorized activity. Look for accounts that you did not open or charges that you did not make.
• Place a credit freeze on your credit report. This will prevent creditors from accessing your credit report without your permission. This can help to prevent identity thieves from opening new accounts in your name.
• Contact the companies where your information was stolen. Let them know that you have been a victim of identity theft and ask them to place a fraud alert on your account.
• File a police report. This will create a record of your identity theft for future reference.
• Monitor your accounts for suspicious activity. Be on the lookout for unauthorized charges or account closures.
• Change your passwords. This includes your passwords for your email, bank accounts, social media accounts, and any other online accounts that contain sensitive information.
• Be careful about what information you share online. Do not share your Social Security number, date of birth, or other sensitive information online unless it is absolutely necessary.

By following these steps, you can help to protect yourself from the financial and emotional harm that can be caused by identity theft.  Please reach out to us with any questions you may have.