Jun 23, 2023 - Technology

How to protect your identity after MOVEit breaches

Wallet with data coming out of it.

Ilustration: Rebecca Zisser/Axios

The number of people whose personal information has been exposed or stolen during a series of breaches related to the MOVEit file-transfer tool is continuing to grow — but security experts say there are still some practical steps individuals can take to protect their identities.

Why it matters: Once a malicious actor steals someone's identity, it's challenging and time-consuming for the individual to get it back and clean up the mess.

The big picture: Hackers are believed to have targeted a wide range of organizations — including federal agencies, state governments and corporate entities — using flaws in popular file-transfer tool MOVEit.

  • Cl0p, the Russian ransomware gang reported to have exploited MOVEit vulnerabilities, has listed at least 95 organizations on its dark web site whom it says it has breached.
  • State offices in California and Maryland, as well as a university system in Illinois, said this week they were investigating related breaches on their networks.

Between the lines: Data exposed in these breaches could end up being leaked on the dark web, where malicious actors can purchase it to steal people's identities, open fraudulent accounts or even access existing accounts.

  • Many of the affected organizations have collected people's financial accounts and Social Security numbers — although it's unclear as of now whether hackers successfully stole that data from company networks.

Be smart: Zulfikar Ramzan, chief scientist at identity protection company Aura, told Axios there are several steps that consumers can take now to protect their identities in case hackers did steal their data.

  • First, start monitoring your credit report for signs of new accounts created in your name.
  • Next, change your passwords — especially the ones tied to leaked email addresses — and consider using a password manager that can store and create unique, difficult-to-guess passwords for each account, Ramzan said.
  • Then, sign up for a data broker opt-out program that will wipe any personal data that marketers have collected about you online. The data that brokers collect can make it easier for scammers to impersonate you, Ramzan said.
  • Lastly, use dark-web-scanning tools to see what passwords have been leaked already to figure out what other accounts might need an update.

Yes, but: There's no guarantee that every targeted organization will know it's been impacted or will alert affected consumers if their data was stolen.

Sign up for Axios’ cybersecurity newsletter Codebook here

Go deeper