Health Information Was Stolen During The MOVEit Attack, Warns Missouri

Tyler Cross
Tyler Cross Senior Writer
Tyler Cross Tyler Cross Senior Writer

In the latest update on the MOVEit data security incident, the Missouri Department of Social Services (DSS) has released a warning about Medicaid information being exposed during the breach.

Earlier this year, the MOVEit file transfer service was breached by the Cl0p ransomware gang, resulting in over 600 companies and various state and federal government organizations around the world facing extensive data breaches.

This week, the Missouri Department of Social Services disclosed that their patient’s Medicare information was stolen via the data breach on IBM; vendors for the agency who were using the MOVEit file transfer service during the critical breach.

The information that was breached includes the patient’s name, date of birth, eligibility status, coverage and claims, and Department Client Number (DCN).

“IBM notified DSS of the incident on June 2, 2023, informing DSS that IBM had applied any

recommended MOVEit software fixes and had stopped using the MOVEit Transfer application

while they investigated to determine if any DSS data had been accessed,” states the report by the DSS.

“The data vulnerability did not directly impact any DSS systems, but impacted data belonging to DSS,” they say. “DSS took immediate steps in response to this incident that are ongoing.”

Earlier this week, IBM told Bleeping Computer that they’ve taken steps to minimize the impact of the breach, as well as severing ties with the MOVEit file transfer service. The report by the DSS also highlights that they’re working with the proper authorities to combat the threat and to understand exactly what data was lost.

“DSS is continuing to investigate this incident, and we will take all appropriate actions to protect and safeguard Missourians’ information that has been entrusted to DSS.”

If you believe you were impacted by this breach, the DSS is working with three major reporting services (TransUnion, Equifax, and Experian) to provide free credit freezing.

About the Author
Tyler Cross
Tyler Cross
Senior Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends."