October 2, 2023

Federal health officials have notified a data breach that could involve the information of more than 100,000 people.

U.S. Department of Health and Human Services said that attackers gained access to the department’s data by exploiting MOVEit vulnerability.

The HHS official did not provide details on the type of data affected but said none of the department’s systems or networks were compromised. Instead, the hackers accessed data managed by third-party vendors that the official did not name.


The breach of the MOVEit file-transfer program, discovered last month, is estimated by cybersecurity experts to have compromised hundreds of organizations globally.

Earlier this week, the Tennessee Consolidated Retirement System said the data of more than 171,000 retirees and beneficiaries was involved in the breach. Last week, California’s public pension fund said the personal data of more than 769,000 retired workers and beneficiaries had been stolen.

Progress Software alerted customers to the breach on May 31 and issued a patch. The Cl0p ransomware is behind the hack and has indicated that it would extort victims, threatening to dump their data online if they don’t pay up.

Leave a Reply

%d bloggers like this: