The government of Maine confirmed that it suffered a massive data breach on Thursday.
“The State of Maine has determined that this incident has impacted approximately 1.3 million individuals,” explains their recent report.
Maine is one of the latest victims of the MOVEit file transfer software data breach that occurred earlier this year. MOVEit was used by massive corporations and government entities worldwide to transfer important files and documents. When a Russian-linked hacker group was able to exploit vulnerabilities in MOVEit’s software, it gained access to an unparalleled amount of sensitive information.
The report by the Maine government breaks down which agencies and departments were affected the most.
Over 50% of the stolen info is from the Maine Department of Health and Human Services. Between 10-30% of it was from the Maine Department of Education, while the breach is broken up between a number of agencies, including the Maine Workers’ Compensation and the Maine Bureau of Motor Vehicles
Maine stated that the information hackers obtained may include a person’s full name, social security number, address, date of birth, driver’s license, and other identifiable tax information. It’s not known how old the stolen data is or how much hackers may have been able to obtain for every case.
After finishing their assessment, Maine has been notifying individuals whose information was compromised. Hackers gained access to files between May 28 and May 29. Maine responded by blocking internet access to the MOVEit file transfer service.
“The State also implemented security measures recommended by Progress Software, engaged the services of outside legal counsel, and engaged external cybersecurity experts to investigate the nature and scope of the incident,” states the report.
In addition, Maine is offering two years if credit monitoring and identity theft protection to anyone who had their social security number or taxpayer information stolen.