Another major company has come forth as a victim of the massive MOVEit data breach that occurred earlier this year. This time, it’s the University Federal Credit Union.
The union reported that they went through a 4-month-long investigation after they were breached, officially sending letters to customers on October 10th.
Over 100,000 victims have been affected by the data breach and should take precautions such as changing their passwords, monitoring their credit, and making sure their financial information hasn’t been leaked online.
Back in May, the Russian-based Cl0p ransomware gang launched a successful data breach on the MOVEit file transfer service. Unfortunately, this service was widely used by massive corporations and government institutions all around the world.
Over 2,500 organizations have been affected by the breach, affecting an estimated 64 million individuals in total. dozens of class-action lawsuits being levied at the company and the SEC is currently investigating Progress Software, the parent company behind MOVEit.
In this instance, a third-party company that the University Federal Credit Union used for business was hacked, leading to data on their customers being stolen.
The stolen information includes financial account info as well as credit and debit cards.
“We received notice from one of our vendors, MOVEit, that they experienced a global data security event that allowed unauthorized users access to data stored on their software platform,” the union explains in their disclosure.
“Please remember to remain vigilant in reviewing your financial account statements and credit reports for fraudulent or irregular activity on a regular basis.”
The union has stressed that there is no evidence the stolen data is being used for malicious purposes. The credit union is offering up to one free year of identity monitoring services, to make sure you stay safe.
“We will continue to actively monitor this situation,” it stated.