The Maine government says 1.3 million residents have had their data stolen by the ransomware gang

The government of Maine has confirmed that more than one million state residents had their personal information stolen in a data breach earlier this year by a Russian-backed ransomware gang.

on a statement published Thursday, the Maine government said hackers exploited a weakness in the MOVEit file-transfer system, which stores sensitive data on state residents. Hackers used the vulnerability to access and download files belonging to some state agencies between May 28 and May 29, the statement read.

The Maine government said it disclosed the incident and notified affected residents because its review of the affected files was “recently completed.”

Maine said the stolen information could include a person’s name, date of birth, Social Security number, driver’s license and other state or taxpayer identification numbers. Some individuals have medical and health insurance information taken.

the statement said the state holds information about residents “for a variety of reasons, such as residency, employment, or association with a state agency,” and that the data it holds varies from person to person.

According to the state breakdown of which agencies were affected, more than half of the stolen data related to Maine’s Department of Health and Human Services, with up to a third of the data affecting the Maine Department of Education. The rest of the data affects various other agencies, including Maine’s Bureau of Motor Vehicles and Maine’s Department of Corrections, although the government says the breakdown of information is subject to change.

More than 1.3 million people live in the state of Maine, according to the US Census Bureau.

The government of the state of Maine is the latest victim to disclose a breach related to the MOVEit mass hack, which is believed to be the largest hacking incident of the year by the number of victims alone.

MOVEit systems are file transfer servers used by thousands of organizations around the world to move large sets of often sensitive data over the internet. In May, system maker Progress Software patched a vulnerability that allowed cybercriminals — specifically the notorious Clop ransomware and extortion gang — to hack into MOVEit servers around the world and steal sensitive data. customer data stored internally.

According to cybersecurity firm Emsisoft, which track mass exploitationmore than 2,500 organizations have disclosed MOVEit-related data breaches, affecting at least 69 million people – although the true number is likely to be higher as more organizations come forward ahead.

Emsisoft lists Maine’s security incident as the eleventh largest MOVEit-related breach disclosed at the time of writing, behind Ontario’s birth registry; the states of Colorado, Oregon, and Louisiana; and US government contractor Maximus. Several US federal agencies are also affected including the US Department of Energy.

Clop has not listed Maine on its leak site like other MOVEit-related victims. Ransomware gangs often publish parts of stolen files to extort organizations into paying a ransom. The Clop gang previously claimed it had deleted government data. Cybercriminals are known to mislead or outright lie if it results in them getting paid, or hide stolen data if it becomes financially valuable elsewhere.

Clop is a Russian-speaking ransomware gang, which researchers have linked to previous mass hacking incidents involving similar file transfer tools, including the GoAnywhere file transfer tool of Fortra and the file transfer application of Accelion.

Last week, Progress Software said in a regulatory filing that the US Securities and Exchange Commission subpoenaed the company seeking “various documents and information” related to the MOVEit vulnerability. Development said it intends to “fully cooperate” with the SEC’s investigation.

Leave a comment