US hit by major cyberattack, hackers exploit IBM, steal over millions of people’s healthcare, personal data
Technology 

US hit by major cyberattack, hackers exploit IBM, steal over millions of people’s healthcare, personal data

Team Khabarnama24


In one of the biggest hacks or data leaks to have hit the US, healthcare and personal data of over 10 million people have been stole by a group of hackers, targeting IBM. The hackers exploited a vulnerability in the super popular MOVEit file transfer software that IBM uses

Over millions of people in the US had their private medical info stolen by hackers who found a sneaky way into the super popular MOVEit file transfer software used by IBM.

The Colorado Department of Health Care Policy and Financing (HCPF), the folks in charge of Colorado’s Medicaid program, got hit hard, and more than 4 million patient records got exposed in the process.

Hackers target IBM
HCPF had to notify people affected, explaining that the data got compromised because IBM, one of their vendors, was using MOVEit to move around HCPF’s files. The thing is, no HCPF or Colorado government systems got messed with, but the bad actors did get into some HCPF files on the MOVEit app that IBM was using.

Related Articles

Microsoft’s role in data breach by Chinese hackers to be part of US cyber inquiry

Artificial Not-So-Intelligence: IBM ‘hypnotises’ AI bots into telling users to rob banks, maim others

And here’s what those files held: full names, birthdays, addresses, Social Security digits, Medicaid and Medicare ID numbers, money info, medical details like lab results and meds, and health insurance stuff.

All in all, around 4.1 million people got caught up in this mess.

Hackers did not damage the network, just stole data
This attack on IBM’s MOVEit systems also got to Missouri’s Department of Social Services (DSS), affecting many people. Missouri has more than 6 million residents. DSS made it clear that this data breach didn’t mess with their systems directly, but it did mess with the data they had. So, names, client numbers, birthdates, benefits info, and medical claims data might’ve been nabbed.

Surprisingly, neither HCPF nor DSS are showing up on the dark web where the Clop ransomware gang is bragging about their hacks. Those hackers are all about “government data,” but these two aren’t listed.

Another govt department hacked
Right on the heels of all this chaos, the Department of Higher Education there got hit with ransomware, too. Hackers swiped have 16 years’ worth of data. Last month, Colorado State University got caught up in a MOVEit-related mess, affecting lots of students and staff.

PH Tech, the company that takes care of data for several healthcare insurers, got tangled up in the MOVEit hacks. They’re saying 1.7 million Oregon residents’ health info got hit.

But the biggest breach this year, not related to MOVEit, belongs to HCA Healthcare. They accidentally left out the welcome mat for hackers and 11.2 million people’s names, addresses, and appointment info walked right in.



Source link