DIRS.INFO The most relevant business & tech news

[1/2] A sign indicates the direction to the offices of Progress Software in Burlington, Massachusetts, U.S., July 26, 2023. But more than two months after the breach was first disclosed by Massachusetts-based Progress Software, the parade of victims has scarcely slowed. The tallies show that nearly 40 million people have been affected so far by the hack of Progress' MOVEit Transfer file management program. Now the digital extortionists involved, a group named "cl0p", have become increasingly aggressive about thrusting their data into the public domain. MOVEit is used by organizations to ship large amounts of often sensitive data: pension information, social security numbers, medical records, billing data and the like.

Persons: Brian Snyder, Marc Bleicher, cl0p, Huntress Security's John Hammond, Christopher Budd, Sophos, Eric Goldstein, Nathan Little, Emsisoft, Bert Kondruss, Rowe Price, Maximus, Alexander Urbelis, Crowell, Goldstein, didn't, Surefire's, Raphael Satter, Zeba Siddiqui, Chris Sanders, Grant McCool Organizations: Progress Software, REUTERS, FRANCISCO, Reuters, Software, Insurance, of America, Cybersecurity, Infrastructure Security Agency, Tetra Defense, WHO, Pension, California Public Employees, Moring, U.S ., Thomson Locations: Burlington , Massachusetts, U.S, WASHINGTON, American, Massachusetts, York, New York, Louisiana, California, New York City, Oregon

☆ 1st Source says 450,000 records affected in client data breach
▼ + stars: | 2023-07-24 | by ( ) www.reuters.com time to read: 1 min

July 24 (Reuters) - Commercial and Consumer bank 1st Source Corp (SRCE.O) said on Monday a security breach that involved a popular file transfer tool, MOVEit, has impacted about 450,000 records. A third party had gained access to data of its commercial and individual clients, 1st Source reported earlier this month, adding that it was in the process of identifying and notifying individual clients affected. Last month, the U.S. security researchers reported that hackers had stolen data from the systems of a number of users shortly after MOVEit's developer Progress Software Corp (PRGS.O) disclosed that a security flaw had been discovered. MOVEit, made by Massachusetts-based Progress, allows organizations to securely transfer files and data between business partners and customers. Reporting by Pritam Biswas in BengaluruOur Standards: The Thomson Reuters Trust Principles.

Persons: Pritam Biswas Organizations: Consumer, Corp, Progress Software Corp, Thomson Locations: U.S, Massachusetts, Bengaluru

☆ Victims of Cyberattack on File-Transfer Tool Pile Up
▼ + stars: | 2023-07-19 | by ( Catherine Stupp | ) www.wsj.com time to read: +6 min

The list of companies hit by a cyberattack on a widely used software tool continues to expand and several victims have filed lawsuits alleging mishandling of data. The continued disclosure of new victims affected by hackers exploiting a vulnerability in MoveIt, a common file-transfer tool from Progress Software, underscores how cyberattacks can ripple through supply chains. Some companies have been drawn into data breaches without having used MoveIt because their business partners use it. The Cl0p ransomware group has taken responsibility for the cyberattacks and posted data from some victims on its underground website. A 2021 cyberattack on a tool similar to MoveIt—Accellion’s File Transfer Appliance—had similar ripple effects.

Persons: ”, Brett Callow, cyberattacks, Callow, Genworth, PBI, “, Shell, Rob Carr, Suzie Squier, Johns, Johns Hopkins, Emsisoft’s Callow, Catherine Stupp Organizations: Progress Software, . Progress, Progress, Shell, BBC, Energy Department, Genworth Financial, Social, PBI Research Services, U.S . Department of Health, Human Services, Colorado State University, BG Group, Johns Hopkins University, Getty Locations: British, MoveIt, Kaseya, Johns Hopkins

☆ 1st Source says data compromised in MOVEit data breach
▼ + stars: | 2023-07-10 | by ( ) www.reuters.com time to read: +1 min

July 10 (Reuters) - Financing firm 1st Source Corp (SRCE.O) said on Monday a third party gained access to data of its commercial and individual clients as part of the security breach involving popular file transfer tool MOVEit reported last month. The company did not disclose the scale of the data breach, but said it is in the process of identifying and notifying individual clients who have been impacted. 1st Source said it used the software for secure file transfers supporting internal operations and client services. Last month, the U.S. security researchers reported that hackers had stolen data from the systems of a number of users shortly after MOVEit's developer Progress Software Corp (PRGS.O) disclosed that a security flaw had been discovered. MOVEit allows organizations and governmental agencies to transfer files and data between business partners and customers.

Persons: Pritam Biswas, Shailesh Organizations: Source Corp, Progress Software Corp, Thomson Locations: U.S, Bengaluru

☆ Chipmaker TSMC says supplier targeted in cyberattack
▼ + stars: | 2023-06-30 | by ( ) www.reuters.com time to read: +1 min

June 30 (Reuters) - Taiwan Semiconductor Manufacturing Co (2330.TW) said on Friday that a cybersecurity incident involving one of its IT hardware suppliers has led to the leak of the vendor's company data. "TSMC has recently been aware that one of our IT hardware suppliers experienced a cybersecurity incident which led to the leak of information pertinent to server initial setup and configuration," the company said. TMSC confirmed in a statement to Reuters that its business operations or customer information were not affected following the cybersecurity incident at its supplier Kinmax. The TSMC vendor breach is part of a larger trend of significant security incidents affecting various companies and government entities. TSMC said it has cut off data exchange with the affected supplier following the incident.

Persons: TSMC, TMSC, Akriti Sharma, James Pearson, Shailesh Organizations: Taiwan Semiconductor Manufacturing, Thomson Locations: U.S

WASHINGTON, June 28 (Reuters) - The U.S. Department of Health and Human Services (HHS) was among those affected by a wide-ranging hack centered on a piece of software called MOVEit Transfer, Bloomberg News reported on Wednesday. The report comes as the hackers behind the massive breach claimed credit for stealing data from two major law firms, Kirkland & Ellis LLP and K&L Gates LLP. Kirkland and K&L did not immediately return messages left after hours. The group has previously insisted it doesn't deliberately steal data from government organizations, but that doesn't mean that data hasn't been compromised. Bloomberg cited a person familiar with the incident at HHS as saying that tens of thousands of records could have been exposed.

Persons: Ellis, cl0p, Gates, Kirkland, doesn't, Cl0p didn't, Jon Clay, TrendMicro, Raphael Satter, Lincoln Organizations: U.S . Department of Health, Human Services, Bloomberg, Kirkland, Gates, HHS, Progress Software, Thomson Locations: Russian

[1/2] A worker arrives at the Department of Health and Human Services in Washington, October 1, 2013. REUTERS/James Lawler Duggan/File PhotoWASHINGTON, June 28 (Reuters) - The U.S. Department of Health and Human Services (HHS) was among those affected by a wide-ranging hack centered on a piece of software called MOVEit Transfer, a source at HHS said on Wednesday. "While no HHS systems or networks were compromised, attackers gained access to data by exploiting the vulnerability in the MOVEit Transfer software of third-party vendors," a health department official familiar with the matter said. Hackers behind the massive breach also claimed credit for stealing data from two major law firms, Kirkland & Ellis LLP and K&L Gates LLP. Kirkland and K&L did not immediately return messages left after hours.

Persons: James Lawler Duggan, Ellis, cl0p, Gates, Kirkland, doesn't, Cl0p didn't, Jon Clay, TrendMicro, Raphael Satter, Lincoln Organizations: Department of Health, Human Services, REUTERS, WASHINGTON, U.S . Department of Health, HHS, Kirkland, Gates, Bloomberg, Progress Software, Thomson Locations: Washington, Russian

☆ MOVEit hack claims Calpers and Genworth as millions more victims impacted
▼ + stars: | 2023-06-22 | by ( ) www.reuters.com time to read: +2 min

News reports said information from more than 700,000 Calpers members and retirees was taken. The MOVEit software is widely-used by organisations around the world to share sensitive data. Genworth Financial was harder hit, saying personal information of nearly 2.5 million to 2.7 million of its customers was breached. "The personal information of a significant number of insurance policyholders or other customers of its life insurance businesses was unlawfully accessed," Genworth said. The MOVEit hack has hit several state and federal agencies.

Persons: PBI, Calpers, Genworth, Niket, Chris Sanders, Maju Samuel, Daniel Wallis Organizations: Genworth, PBI Research Services, U.S . Department of Energy, Washington DC, Thomson Locations: Calpers, Burlington , Massachusetts, Russia, Bengaluru, Washington

Separately, state agencies said late Thursday that millions of people in Louisiana and Oregon had their data compromised in a security breach. The cyberattack has targeted federal and state agencies. No other federal agencies have confirmed being impacted. And on Thursday, state agencies said 3.5 million Oregonians with driver’s licenses or state ID cards had been impacted by a breach as well as anyone with that documentation in Louisiana. But much of the responsibility now lies on businesses and federal agencies rather than individuals, according to Cattanach.

Persons: “, ” Robert Cattanach, Dorsey, you’re, ”, Clop, Brett Callow, Emsisoft, ” Callow, Aon, they’ve, ” CISA, Allan Liska Organizations: CNN, Infrastructure Security Agency, Whitney, Department of Justice, The Department of Energy, BBC, British Airways, Boston Globe, Sydney Phoenix, US Department of Homeland, Johns Hopkins University, University of Georgia, –, Progress Software Locations: Russian, Louisiana, Oregon, Minnesota, Illinois, Arlington , VA, Baltimore, Georgia’s

☆ Millions of Americans’ personal data exposed in global hack
▼ + stars: | 2023-06-16 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +5 min

CNN —Millions of people in Louisiana and Oregon have had their data compromised in the sprawling cyberattack that has also hit the US federal government, state agencies said late Thursday. The breach has affected 3.5 million Oregonians with driver’s licenses or state ID cards, and anyone with that documentation in Louisiana, authorities said. The hackers exploited a flaw in a popular file-transfer software known as MOVEit made by Massachusetts-based Progress Software. Hundreds of organizations across the globe have likely had their data exposed after the hackers used the flaw to break into networks in recent weeks. US officials described the cyberattack as an opportunistic, financially motivated hack that has not caused disruptions to agency services.

Persons: Casey Tingle, Aon, John Bel Edwards, ” Munish Walther, Puri, It’s, ”, Jeff Greene, “, Greene Organizations: CNN, Department of Energy, BBC, British Airways, University of Georgia, Social, Louisiana Office of Motor Vehicles, Louisiana Gov, US, Progress Software, FBI, Infrastructure Security Agency, National Security Council, Aspen Locations: Louisiana, Oregon, Russian, Massachusetts, Clop, Ukraine

CORPORATE DROPBOXESFTA, GoAnywhere MFT, and MOVEit Transfer are corporate versions of file sharing programs consumers use all the time, like Dropbox or WeTransfer. MFT software often promises the ability to automate the movement of data, transfer documents at scale and provide fine-grained control over who can access what. MFT PROGRAMS CAN BE TEMPTING TARGETSRunning an extortion operation against a well-defended corporation is reasonably difficult, said Recorded Future analyst Allan Liska. "If you can get to one of these file transfer points, all the data is right there. HACKER TACTICS ARE SHIFTINGScooping up data that way is becoming an increasingly important part of the way hackers operate.

Persons: Ransom, GoAnywhere MFT, James Lewis, WeTransfer, Allan Liska, Bam, Liska, Joe Slowik, Huntress, Raphael Satter, Grant McCool Organizations: Software, GoAnywhere, Thomson

☆ US government agencies hit in global hacking spree
▼ + stars: | 2023-06-15 | by ( ) www.reuters.com time to read: +2 min

June 15 (Reuters) - The U.S. government has been hit in a global hacking campaign that exploited a vulnerability in widely used software but does not expect it to have significant impact, the nation's cyber watchdog agency said on Thursday. CISA did not identify the agencies that were hit or say exactly how they had been affected. The FBI and National Security Agency also did not immediately respond to emails seeking details on the breaches. MOVEit, made by Progress Software Corp (PRGS.O), is typically used by organizations to transfer files between their partners or customers. Neither Cl0p nor Progress immediately responded to requests for comment.

Persons: Eric Goldstein, cybersecurity, CISA, Jen, MOVEit, John Hammond, Huntress, Raphael Satter, Kanishka Singh, Zeba Siddiqui, Tanna, Chandi Shah, Jonathan Oatis, Angus MacSwan, Bill Berkrot Organizations: U.S, Cybersecurity, Infrastructure Security Agency, CNN, FBI, National Security Agency, MSNBC, Progress Software Corp, Progress, CITY, Thomson Locations: U.S, United States

☆ Clop: Russian-speaking cyber gang claims credit for hack of BBC and British Airways employee data
▼ + stars: | 2023-06-07 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +3 min

CNN —A group of Russian-speaking cyber criminals has claimed credit for a sweeping hack that has compromised employee data at the BBC and British Airways and left US and UK cybersecurity officials scrambling to respond. The compromise of employee data at the BBC and British Airways came via a breach of a human resources firm, Zellis, that both organizations use. Numerous US state government agencies use the MOVEit software, but it’s unclear how many agencies, if any, have been compromised. The US Cybersecurity and Infrastructure Security Agency has ordered all federal civilian agencies to update the MOVEit software in light of the hack. Progress, the US firm that owns the MoveIT software, has also urged victims to update their software packages and has issued security advice.

Persons: ” They’ve, —, CISA, Eric Goldstein, Charles Carmakal, ”, Allan Liska Organizations: CNN, BBC, British Airways, Infrastructure Security Agency, Federal Bureau of Investigation, Progress Software, FBI, Mandiant Consulting, Google, LinkedIn Locations: Canada

☆ BA, BBC and Boots caught up in file transfer hack
▼ + stars: | 2023-06-05 | by ( ) www.reuters.com time to read: +2 min

BA, the BBC and Boots said the breach occurred at their payroll provider, Zellis. The provincial government of Nova Scotia, in Canada, was also hit by the breach. The data from Zellis and the Nova Scotia government was exposed through their use of the MOVEit file transfer software, both organizations said in separate statements. The Nova Scotia government did not immediate return a request for comment. Boots, part of Walgreens Boots Alliance (WBA.O), said the attack had included some of its employees' personal details.

Persons: Boots, Zellis, Nova, Colton LeBlanc, MOVEit, extortionists, Raphael Satter, Sarah Young, Muvija, Eva Mathews, Paul Sandle, Bill Berkrot Organizations: British Airways, BBC, Nova, Security, Digital Solutions, IAG, Walgreens Boots Alliance, Progress Software, Microsoft, Reuters, Britain . British Airways, Thomson Locations: Nova Scotia, Canada, Zellis, Britain, Washington, London, Bengaluru

☆ Hackers use flaw in popular file transfer tool to steal data, researchers say
▼ + stars: | 2023-06-02 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +2 min

SAN FRANCISCO, June 1 (Reuters) - Hackers have stolen data from the systems of a number of users of the popular file transfer tool MOVEit Transfer, U.S. security researchers said on Thursday, one day after the maker of the software disclosed that a security flaw had been discovered. Software maker Progress Software Corp (PRGS.O), after disclosing the vulnerability on Wednesday, said it could lead to potential unauthorized access into users' systems. The managed file transfer software made by the Burlington, Massachusetts-based company allows organizations to transfer files and data between business partners and customers. Such "zero-day," or previously unknown, vulnerabilities in managed file transfer solutions have led to data theft, leaks, extortion and victim-shaming in the past, Mandiant said. Pitt did not have a comment on who might have been trying to steal data by exploiting the flaw.

Persons: Ian Pitt, Charles Carmakal, Mandiant, Carmakal, Rapid7, Pitt, Zeba Siddiqui, Christopher Cushing Organizations: FRANCISCO, Progress Software Corp, Software, Reuters, Rapid7 Inc, Mandiant Consulting, Google, Thomson Locations: Burlington , Massachusetts, San Francisco

☆ Investing Club: The week in review, the week ahead — Jan. 14, 2023
▼ + stars: | 2023-01-14 | by ( Zev Fima | ) www.cnbc.com time to read: +5 min

Also, earnings season is just kicking off, when we'll learn much more about what companies are seeing on the ground. As a subscriber to the CNBC Investing Club with Jim Cramer, you will receive a trade alert before Jim makes a trade. THE ABOVE INVESTING CLUB INFORMATION IS SUBJECT TO OUR TERMS AND CONDITIONS AND PRIVACY POLICY , TOGETHER WITH OUR DISCLAIMER . NO FIDUCIARY OBLIGATION OR DUTY EXISTS, OR IS CREATED, BY VIRTUE OF YOUR RECEIPT OF ANY INFORMATION PROVIDED IN CONNECTION WITH THE INVESTING CLUB. People shop at the Pioneer Supermarkets on January 12, 2023 in the Flatbush neighborhood of Brooklyn borough in New York City.

Search resuls for: "Progress Software"

16 mentions found