Maximus Inc. Falls Victim to Clop Ransomware Group in Data Theft Campaign

Maximus Inc. [4] [5], a government services provider [5], has recently fallen victim to a data theft campaign carried out by the Clop ransomware group. This attack targeted 70 new victims, including Maximus [4], and resulted in the compromise of personal information belonging to as many as 11 million people.

Description

Maximus [1] [2] [3] [4] [5], a US firm providing services for Medicaid [1], Medicare [1] [5], and other government schemes [1], recently fell victim to a data theft campaign carried out by the Clop ransomware group. This high-profile attack targeted 70 new victims, including Maximus [4], and the group posted the compromised data on its dark web leak site.

The breach exploited a zero-day vulnerability in MOVEit [4], software used by Maximus, compromising all affected users [4]. Although Maximus’ own IT environment remained secure [1], a significant number of files in the MOVEit environment were affected [1]. These files contained personal information such as social security numbers and protected health information [1] [5]. The stolen data [2], totaling 169 gigabytes [2], has not yet been published [2].

Maximus promptly launched an investigation and has already taken corrective action to address the weaknesses [4]. Forensic specialists have completed the investigation and identified the data affected by the cybersecurity incident [4]. Maximus is currently notifying the 8 to 11 million individuals whose personal information was compromised and is offering free credit monitoring and identity restoration services. The company has allocated $15 million for investigation and remediation efforts [1].

This incident underscores the importance of conducting regular audits and vulnerability checks for systems managing large amounts of customer data and sensitive personal information [1]. As the number of victims increases [3], the Clop ransomware group has been employing more aggressive extortion techniques.

Conclusion

The breach of Maximus’ MOVEit environment has had a significant impact, with the personal information of up to 11 million individuals compromised. Maximus has taken immediate action by launching an investigation, notifying affected individuals [1], and offering free credit monitoring and identity restoration services [1] [5]. The company has also allocated a substantial budget for investigation and remediation efforts. This incident highlights the importance of conducting regular audits and vulnerability checks for systems managing large amounts of customer data and sensitive personal information [1]. As the Clop ransomware group continues to target more victims, it is crucial for organizations to remain vigilant and implement robust cybersecurity measures to mitigate future attacks and protect sensitive data.

References

[1] https://www.infosecurity-magazine.com/news/moveit-campaign-claims-millions/
[2] https://techcrunch.com/2023/07/27/us-government-contractor-says-moveit-hackers-accessed-health-data-of-at-least-8-million-individuals/
[3] https://heimdalsecurity.com/blog/u-s-government-contractor-maximus-hit-by-massive-data-breach/
[4] https://cybersecuritynews.com/maximus-services-contractor/
[5] https://siliconangle.com/2023/07/27/government-services-provider-maximus-hit-moveit-attack/