Live
- Pakistan acknowledges Indian strike on Noor Khan airbase; BJP hails Army's valour
- Techie Killed in Bengaluru After Argument Over Cigarette; Accused Arrested
- OpenAI Launches Codex: ChatGPT’s New AI Coding Agent for Engineers
- Painter Stabbed by Four-Man Gang Near Bantwal; Police Suspect Personal Enmity
- 42.50 quintals of black jaggery seized
- FPIs pump in Rs 8,831 crore into Indian equities, highest single-day inflow since March
- Pak govt itself involved in terrorism, we will expose them on global stage: JD(U) MP Sanjay Jha
- Delhi GM Open 2025 to commence on June 7 with record prize pool of Rs 1.21 crore
- Telangana tops World Drug Control rankings, CM Revanth Reddy lauds police
- Former CPI(M) MLA Pradeepkumar appointed private secretary to Kerala CM
Over 4 mn Americans' health data stolen after MOVE it hackers hit IBM
Hackers exploited a zero-day vulnerability in the MOVEit file-transfer software to steal sensitive medical and health information data of millions of Americans, the US authorities have revealed.
Hackers exploited a zero-day vulnerability in the MOVE it file-transfer software to steal sensitive medical and health information data of millions of Americans, the US authorities have revealed.
The Colorado Department of Health Care Policy and Financing (HCPF) said it had fallen victim to the MOVE it mass hacks, exposing the data of more than 4 million patients.
The department said in a statement that data was compromised because IT major IBM "uses the MOVE it application to move HCPF data files in the normal course of business."
“IBM, a third-party vendor contracted with HCPF, uses the MOVE it application to move HCPF data files in the normal course of business,” said the department.
“Progress Software publicly announced that the MOVE it problem was the result of a cybersecurity incident, which impacted many users around the world, including IBM. No HCPF or State of Colorado systems were affected by this issue,” it added.
After IBM notified HCPF that it was impacted by the MOVE it incident, the Colorado department launched an investigation to understand whether the incident impacted its own systems, and to determine whether Health First Colorado or CHP+ members’ protected health information was accessed by an unauthorised party.
“The investigation identified that certain HCPF files on the MOVE it application used by IBM were accessed by the unauthorised actor. These files contained certain Health First Colorado and CHP+ members’ information,” the department revealed.
The information that could have been subject to unauthorised access includes name, Social Security number, medical information, and health insurance information.
The HCPF admitted about 4.1 million individuals are affected.
IBM has yet to publicly confirm that it was affected by the MOVE it mass hacks.
Maximus, a US government services contracting company, in July confirmed that hackers exploited a vulnerability in MOVE it Transfer to access the protected health information of 8 to 11 million individuals.
Maximus is a contractor that manages and administers federal and local government-sponsored programmes, as well as student loan servicing.
The breach is believed to be the largest healthcare data breach of the year, as well as the most serious to result from the MOVE it mass-hackings.
In the US Securities and Exchange Commission (SEC) filing, Maximum revealed that the data was stolen by exploiting a zero-day vulnerability in the MOVE it file transfer application.
