Hackers steal data from MOVEit Transfer users

According to US security researchers, a group of hackers has successfully stolen data from several users of the MOVEit Transfer software. The software's developer, Progress Software Corp, recently announced the discovery of a security flaw that could potentially grant unauthorised access to users' systems. The software facilitates file and data transfers between businesses and their partners or customers. While the exact number of affected organisations remains unknown, Progress Software has released fixes for the vulnerability since its detection on May 28. The incident has also impacted the software's cloud-based service, although no exploitation has been detected so far. Cybersecurity firms Rapid7 and Mandiant Consulting have identified cases of data theft resulting from the flaw's exploitation. Such previously unknown vulnerabilities in file transfer solutions have historically led to data breaches, leaks, extortion, and victim-shaming. While the motive behind the attack is unclear, organisations are advised to prepare for potential extortion or public disclosure of the stolen data. Progress Software has provided guidelines for users to mitigate security risks. The company is working with forensic partners to gain a comprehensive understanding of the situation.