The 2023 USG Data Breach: 800 Accounts Compromised, A Closer Look

The Breach: Scope and impact 

The University System of Georgia (USG) notified 800,000 people about data breaches during the 2023 Clop MOVEit attacks.

USG is a state government body that oversees 26 public colleges and universities in Georgia, serving approximately 340,000 students.

USG, which controls the state’s higher education institutions, revealed that 800,000 people’s info was exposed in late May due to the Cl0p ransomware operation’s massive MOVEit file transfer system hack. 

Attack Vector: MOVEit file transfer software 

The Clop ransomware group used a zero-day vulnerability in Progress Software’s MOVEit Secure File Transfer product in late May 2023 to launch a major global data theft campaign. 

 Clop Gang: Data exfiltration and ransom demand 

When the threat group launched its extortion phase in the MOVEit attacks, which affected hundreds of organizations worldwide, USG was one of the first to be identified as hacked.

Almost a year later, with the assistance of the FBI and CISA, the USG discovered that Clop had stolen sensitive material from its networks and began informing affected individuals. 

What kind of info compromised? 

According to USG notice, the data breach notifications were made between April

Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: