Progress Software Faces SEC Probe After MOVEit Data Breach
No attachments for this post
U.S. securities regulators are investigating the MOVEit data breach, which exposed the personal details of 64 million individuals. Progress Software, the creator of the affected software, acknowledged in a recent regulatory filing that it has been subpoenaed by the U.S. Securities and Exchange Commission (SEC) for documents and information linked to the MOVEit vulnerability. Progress highlighted that the SEC's investigation is merely fact-finding and does not imply any legal violations. The company aims to fully cooperate with the inquiry.
Despite the magnitude of the breach, Progress expects minimal financial repercussions from the MOVEit incident. Costs linked to the MOVEit vulnerability amounted to $1 million after considering insurance payouts of around $1.9 million. However, the company is facing 23 legal actions from affected customers and 58 class action lawsuits from affected individuals.
Although it's been half a year since the MOVEit vulnerability was identified, the total number of impacted customers remains uncertain. Cybersecurity firm Emsisoft states that over 2,546 entities have confirmed being affected, impacting over 64 million people. Recent victims include Sony, with over 6,000 employees' data accessed, and Flagstar Bank, which reported more than 800,000 stolen customer records.
Additionally, Progress Software anticipates $4.2 million in additional costs from a separate cyber incident in November 2022. The company discovered unauthorized access to its corporate network, including data exfiltration, in this incident. Details of the accessed data or the number of affected individuals were not provided, but Progress confirmed that the issue was unrelated to previously reported software vulnerabilities. This incident resulted in costs primarily for hiring external cybersecurity experts, and the company secured about $3 million from insurance payouts.
Comments on this post
No comments have been added for this post.
You must be logged in to make a comment.