May 8, 2024 at 06:24AM
The University System of Georgia informs 800,000 individuals about the compromise of their personal and financial data in the May 2023 MOVEit hack. The data breach, linked to a ransomware group, affects over 2,000 organizations and around 60 million individuals. USG is offering affected individuals one year of free credit monitoring and related services.
Based on the meeting notes, the University System of Georgia (USG) is informing 800,000 individuals about a data breach that occurred during the MOVEit hack in May 2023. The breach was a result of the Cl0p ransomware group exploiting a vulnerability in Progress Software’s MOVEit Transfer managed file transfer (MFT) software. This led to the theft of personal and financial information, including Social Security numbers, dates of birth, bank account numbers, and tax documents with tax ID numbers.
More than 2,000 organizations, including roughly 900 schools in the US, have disclosed being impacted by the MOVEit hack, affecting over 60 million individuals. USG, a part of the University System of Georgia, is among the affected education entities utilizing MOVEit for transferring and storing sensitive data.
USG has notified affected individuals through letters, providing details of the breach and offering one year of free credit monitoring and related services. The FBI and CISA have confirmed that data was obtained by the cybercriminal group Cl0p and may be published on their website. Additionally, USG initiated the notification process in mid-April and is also providing incident notices on its website.
USG is a system comprising 26 higher education institutions, including research, comprehensive and state universities, state colleges, the Georgia Public Library Service, and the Georgia Archives.
Related incidents include a data breach impacting 13.4 million Kaiser Permanente patients, 1.3 million Maine residents affected by the MOVEit hack, and an SEC investigation into Progress Software regarding the MOVEit hack.