500,000+ Members Affected by MOVEit Exploit


TDECU reports a data breach affecting over 500,000 members due to a MOVEit vulnerability. Compromised data includes Social Security numbers and bank details. Credit monitoring is offered.

Texas Dow Employees Credit Union (TDECU) has revealed that sensitive personal information of over 500,000 members, including Social Security numbers (SSN), bank account details, and driver’s license information, may have been stolen during the widespread MOVEit file transfer hack last year.

The credit union discovered on July 30, 2024, that files containing this data were potentially accessed by malicious actors between May 29 and 31, 2023, when the MOVEit software vulnerability was exploited. TDECU stated that while their broader network security was not compromised, the data breach impacted a third-party vendor used for data transfer.

Impact and Response:

According to the data breach notification filed by the company with Maine’s Attorney General, the breach affects 500,474 individuals, including 54 Maine residents. TDECU is sending notification letters to all impacted members and offering complimentary credit monitoring services to those whose Social Security numbers were potentially compromised.

The credit union emphasizes that, to date, there have been no reported cases of identity or financial fraud related to the incident. However, they advise members to remain vigilant and take proactive steps to protect themselves, such as placing a fraud alert or security freeze on their credit files and regularly reviewing financial statements.

Expert Commentary

Ken Dunham, Cyber Threat Director at Qualys Threat Research Unit, highlighted the ongoing threat posed by vulnerabilities like those found in MOVEit. Dunham noted that the Cl0p ransomware group and others have exploited such vulnerabilities for significant financial gains using double-extortion tactics. He emphasized the importance of proactive measures, such as regular testing and drills, to prevent and respond to cyber threats effectively.

While we may tire from hearing about MOVEit updates in the news, it is critical to apply lessons learned to each organization – what can an organization do to proactively move to the “left of boom” to avoid exploitation, rapidly identify and remediate threats if an incident occurs, and best manage a disaster should one occur? Ken said.

Readiness is more than planning on paper, it requires regular testing, demonstrating TTPs and defensive measures, testing for operational excellence and gaps. It also requires running drills – blackbox, graybox, and whitebox – to continually prepare and adjust to dynamic global threatscape risks to an organization, he advised.

This breach announcement is just another reminder to organizations why they must prioritize cybersecurity and implement best security practices across their entire infrastructure, including third-party vendors.

Additionally, regular security audits, vulnerability assessments, and employee training are essential to effectively mitigate the risk of data breaches and protect sensitive customer information.

  1. Delta Dental Hit with 7M User Data Breach in MOVEit Attack
  2. MOVEit Hack: 630K+ US Defense Officials’ Emails Breached
  3. Sony Data Breach via MOVEit Vulnerability Affects US Users
  4. MOVEit Attack: Russian Hackers Hit British Airways, BBC, Boots
  5. LoanDepot Ransomware Attack Leads to Data Breach; 17M Impacted





Source link