September 10, 2024 at 08:15AM
WPS notified 950,000 individuals that their personal information was stolen in the MOVEit hack. The Russian-speaking Cl0p ransomware group exploited a zero-day in the MOVEit Transfer software, affecting 2,800+ organizations and compromising personal details of 96 million people. WPS will issue new Medicare cards and provide credit monitoring and identity protection services.
Based on the meeting notes, the key takeaways are:
1. Wisconsin Physicians Service Insurance Corporation (WPS) notified approximately 950,000 individuals that their personal information was stolen in the MOVEit hack, where the Russian-speaking Cl0p ransomware group exploited a zero-day in the MOVEit Transfer managed file transfer software.
2. Cybersecurity firm Emsisoft reported that close to 2,800 organizations were affected by the hack, with personal information of roughly 96 million people being stolen.
3. WPS announced on September 6 that 946,801 Medicare beneficiaries in the US were likely affected by the hack, including some Centers for Medicare & Medicaid Services (CMS) beneficiaries.
4. Initial investigation in 2023 did not find evidence of unauthorized access to WPS MOVEit application files, but a second investigation in May 2024 confirmed that files were stolen and included personal information such as names, addresses, Social Security numbers, and more.
5. WPS is providing affected individuals with one year of credit monitoring and identity protection services and encouraging them to remain vigilant for fraud attempts.
6. There are related data breaches impacting other organizations, such as the Texas Dow Employees Credit Union and Avis, as well as a settlement with Home Depot over a 2014 data breach.
These points summarize the key information from the meeting notes regarding the WPS MOVEit hack and its impact on affected individuals as well as related data breaches.