CyberSecurityBoard
Sponsor Register Login

MOVEit Vulnerability Hits Delta Dental: 7 Million Records Exposed

Delta Dental of California and affiliates disclosed a data breach following a global security incident linked to the vulnerability in MOVEit file transfer software by Progress Software.
According to a breach notification filed with the Maine Attorney General on December 14, unauthorized actors accessed protected health information.
The exposed data includes individuals' names coupled with a mix of addresses, Social Security numbers, driver's license numbers, state identification numbers, passport details, financial account information, tax identification numbers, individual health insurance policy numbers and/or health-related information.
Delta Dental discovered the breach on June 1 2023, reportedly launching an investigation and taking corrective measures.
On July 6 2023, it was confirmed that unauthorized access occurred between May 27 and May 30, affecting approximately 7 million individuals.
The investigation concluded on November 27 2023, with law enforcement notified.
Claude Mandy, chief evangelist of data security at Symmetry Systems, noted that the delay in detecting, responding to and identifying the accessed data and individuals impacted is unsurprising.
Delta Dental said it is notifying affected individuals and providing support services.
Individuals are advised to monitor financial statements and report suspicious activity.
The MOVEit vulnerability has impacted thousands of organizations globally, from corporations to government agencies.


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Mon, 18 Dec 2023 17:00:24 +0000


Cyber News related to MOVEit Vulnerability Hits Delta Dental: 7 Million Records Exposed

Delta Dental of California data breach exposed info of 7 million people - Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider ...
11 months ago Bleepingcomputer.com
Delta Dental says data breach exposed info of 7 million people - Delta Dental of California is warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental is a dental insurance provider that covers 85 million people ...
11 months ago Bleepingcomputer.com
Delta Dental of California Discloses Data Breach Impacting 6.9 Million People - Dental insurance giant Delta Dental of California is informing more than 6.9 million individuals that their personal information was compromised as result of the MOVEit hacking incident. In notification letters it started sending out last week to the ...
11 months ago Securityweek.com
MOVEit Vulnerability Hits Delta Dental: 7 Million Records Exposed - Delta Dental of California and affiliates disclosed a data breach following a global security incident linked to the vulnerability in MOVEit file transfer software by Progress Software. According to a breach notification filed with the Maine Attorney ...
11 months ago Infosecurity-magazine.com
Electronic Frontier Foundation - We're not just talking about the ballot box, but the everyday power we all have to demand government agencies make their records and data available to public scrutiny. At every level of government in the United States, there are laws that empower the ...
8 months ago Eff.org
Data Breaches in US Schools Exposed 37.6M Records - Since 2005, educational institutions in the United States have experienced 3713 data breaches, impacting over 37.6m records. According to new data by Comparitech, 2023 marked a record year, with 954 breaches recorded - a dramatic rise from 139 in ...
6 months ago Infosecurity-magazine.com
MongoDB issues weekend warning of breach The Register - Critical vulnerabilities: The not-patch-Tuesday list. As is usually the case this time of month, the most pressing vulnerabilities of recent days were revealed/patched in Patch Tuesday releases. CVSS 9.8 - So many CVEs: Siemens SIMATIC S7-1500 CPU ...
11 months ago Go.theregister.com
Hackers target new MOVEit Transfer critical auth bypass bug - Threat actors are already trying to exploit a critical authentication bypass flaw in Progress MOVEit Transfer, less than a day after the vendor disclosed it. MOVEit Transfer is a managed file transfer solution used in enterprise environments to ...
4 months ago Bleepingcomputer.com
MOVEit victim count latest: 2.6K+ orgs, 77M+ people The Register - Quick show of hands: whose data hasn't been stolen in the mass exploitation of Progress Software's vulnerable MOVEit file transfer application? Anyone? According to security shop Emsisoft, 2,620 organizations and more than 77 million individuals have ...
11 months ago Theregister.com
Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
11 months ago Cisa.gov
MOVEit Transfer Flaws Push Security Defense Into a Race With Attackers - Attackers appear to be pounding away at a couple of critical bugs that Progress Software disclosed this week in its MOVEit file transfer application, with nearly the same ferocity as they did the zero-day flaw the company disclosed almost exactly a ...
4 months ago Darkreading.com
Auto parts giant AutoZone warns of MOVEit data breach - AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks. AutoZone is the leading retailer and distributor of automotive spare parts and accessories in the U.S., operating ...
11 months ago Bleepingcomputer.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
11 months ago Bleepingcomputer.com
Misconfigured Firebase Instances Expose 125 Million User Records - Hundreds of websites misconfigured Google Firebase, leaking more than 125 million user records, including plaintext passwords, security researchers warn. It all started with the hacking of Chattr, the AI hiring system that serves multiple ...
8 months ago Securityweek.com
900+ websites Exposing 10M+ Passwords: Most in Plaintext - Over 900 websites inadvertently expose over 10 million passwords, many of which are in plaintext, alongside sensitive billing information and personally identifiable information of approximately 125 million users. This massive data exposure is ...
8 months ago Gbhackers.com
MoveIt Transfer vulnerability targeted amid disclosure drama - Another vulnerability in Progress Software's MoveIt Transfer product is under attack amid an apparent leak of flaw. In security alerts published on Tuesday, Progress detailed two critical improper authentication vulnerabilities, one tracked as ...
4 months ago Techtarget.com
Millions of user records exposed by 900+ sites via Firebase The Register - At least 900 websites built with Google's Firebase, a cloud database, have been misconfigured, leaving credentials, personal info, and other sensitive data inadvertently exposed to the public internet, according to security researchers. Among these ...
8 months ago Go.theregister.com
PJ&A says cyberattack exposed data of nearly 9 million patients - PJ&A is warning that a cyberattack in March 2023 exposed the personal information of almost nine million patients. PJ&A provides medical transcription services to healthcare organizations in the United States. The company said the threat actors ...
11 months ago Bleepingcomputer.com
Progress Discloses Two New Vulnerabilities in MOVEit Products - Progress Software has disclosed two fresh vulnerabilities in its MOVEit file transfer products. The first is an authentication bypass affecting the MOVEit Transfer SFTP service in a default configuration. It affects the Secure File Transfer Protocol ...
4 months ago Infosecurity-magazine.com
CVE-2023-40043 - ...
1 year ago
Apple-backed data breach report says 2.6 billion records leaked in 2 years - An Apple-commissioned data breach report found 2.6 billion records were stolen by hackers between 2021 and 2022. The report by MIT Professor of Information Technology Stuart Madnick, published Thursday, said breaches were up by 20% in the first three ...
11 months ago Scmagazine.com
Hackers Leak 50 Million Records in 'Free Leaksmas' Spree - Hackers leaked around 50 million records full of private information. According to cybersecurity company Resecurity, they noticed that right before Christmas Eve, various hackers released a lot of data all at once. Some of this data seemed to come ...
10 months ago Cysecurity.news
Mortgage giant Mr. Cooper data breach affects 14.7 million people - Mr. Cooper is sending data breach notifications warning that a recent cyberattack has exposed the data of 14.7 million customers who have, or previously had, mortgages with the company. Mr. Cooper is a Dallas-based mortgage lending firm that employs ...
11 months ago Bleepingcomputer.com
T-Mobile pays $31.5 million FCC settlement over 4 data breaches - "With companies like T-Mobile and other telecom service providers operating in a space where national security and consumer protection interests overlap, we are focused on ensuring critical technical changes are made to telecommunications networks to ...
1 month ago Bleepingcomputer.com
Android game dev's Google Drive misconfig highlights cloud security risks - Japanese game developer Ateam has proven that a simple Google Drive configuration mistake can result in the potential but unlikely exposure of sensitive information for nearly one million people over a period of six years and eight months. The ...
10 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)