The Vermont Department of Financial Regulation reports that the large-scale data security breach of the MOVEit software has compromised the personally identifiable information of roughly 42,000 Vermonters and more than 38 million consumers nationwide.
The breach occurred when CLOP Ransomware Gang, a known threat actor, infiltrated the MOVEit file transfer software used by many public and private organizations.
The department first issued a consumer alert about this breach on July 19.
The breach is estimated to have affected 600 organizations worldwide, according to Reuters. They include educational institutions, motor vehicle agencies, and retirement benefit managers.
As of last Friday, 43 life insurance and other companies regulated by the Vermont department or associated with a regulated entities’ data, have reported data breaches related to the MOVEit file transfer software, with additional companies reporting breaches weekly.
Many of the entities were impacted through a third-party called PBI Research Services, Inc. (PBI), which provides third-party services to insurance companies doing business in Vermont.
PBI has sent notices directly to impacted Vermonters. Persons whose information was compromised in the breach should receive a letter from PBI, or from one of the insurers affected, the department advised.
Topics Cyber
Was this article valuable?
Here are more articles you may enjoy.
With Falling Private Re Prices, Should Florida Let Insurers Buy Less From the Cat Fund? 
Palm Beach Billionaires Feud Over Who’s Really Protecting the Everglades 
Viewpoint: Japan’s $550B Bet on America—What it Means for the US Insurance Market 
Business Interruption Claims Arising From the Middle East Conflict 
