Cyberattacks continue to become more sophisticated as bad actors around the world exploit even the slightest weaknesses in online systems. We want to let you know about one such attack and make sure you protect yourself.
Recently, hackers compromised the personal data of nearly 40 million individuals by exploiting a security vulnerability in a file transfer tool known as MOVEit. It’s estimated that more than 600 organizations worldwide have had their data breached in this incident.1
MOVEit is a popular tool used by companies, institutions, and even governments to transfer data. The 600 + organizations exposed to the hack run the gamut, including educational organizations - colleges, universities, and even New York City public schools, the Louisiana and Oregon motor vehicle authorities, pension management organizations such as the California Public Employees' Retirement System, financial firms like T. Rowe Price and TD Ameritrade, and even a government agency – the U.S. Department of Health and Human Services.1
If you had dealings with an impacted organization and your data was affected, you should have been notified by letter. Please read the letter carefully and follow the instructions.
If you think you may have had your private data exposed, immediately contact the national credit bureaus to request fraud alerts, security freezes, and opt outs from pre-screened credit offers be added to your profile. It’s easy to do, using the contact info below:2
- Experian
- TransUnion
Even if your data was not impacted by this hack, there are prudent steps you can take to pro-actively lower your chances of being a victim of criminals who prey on the public in our digital world. Here are a few quick tips you can do to help protect yourself:
- Don’t use the same password for multiple applications. Consider using a password manager that securely stores your login info. That way, you only need to remember one password.
- Implement multi-factor authentication for high-risk logins like your email or other personal online accounts. This requires two forms of identification, and while it might seem annoying, the slight inconvenience is worth it to protect yourself.
- Avoid using public phone chargers at places like airports or restaurants. They can contain malware that gives hackers access to your devices. Use your own portable charger instead.
Criminal enterprises will continue attempting cyberattacks and institutions, including the ones we work with, will continue to fight the good fight to protect your data. While security systems have been put in place to continually monitor and fight threats, it is incumbent on you to stay diligent when it comes to your own cyber security and take some sensible precautions.
1 Analysis: MOVEit hack spawned over 600 breaches but is not done yet -cyber analysts | Reuters