Security news aggregator

Latest coverage for MOVEit

MOVEit is a managed file-transfer platform whose vulnerabilities can expose sensitive data and enable unauthorized access to connected systems.

152 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

MOVEit is Progress’s managed file-transfer platform for exchanging and automating transfers of files between organizations, users, applications, and business partners. Deployments may include the web-based MOVEit Transfer server, APIs, and cloud services, often handling payroll, health, financial, or other sensitive records.

Its security significance centers on internet-facing transfer interfaces and the concentration of valuable data in the platform. SQL-injection flaws in MOVEit Transfer, including CVE-2023-34362, were exploited to access systems and steal files, making prompt application of vendor security updates and careful asset inventory essential. Practitioners should restrict administrative access, review exposed services and API permissions, monitor for unusual authentication or download activity, and preserve relevant server and web logs. After a suspected compromise, organizations need to determine which files and accounts were accessed, because the platform’s contents may trigger privacy, contractual, or regulatory reporting obligations.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 152 Filtered view
Bank Info Security 2 months, 2 weeks ago

NY Fines Delta Dental $2.25M Over 2023 MOVEit Hack

Investigators Find Violations of State Cyber RegulationsNew York fined Delta Dental $2.25 million for the company's response to the mass exploit of a zero-day vulnerability in Progress Software' MOVEit file transfer application. Delta Dental is one of thousands of organizations caught up in the blast radius of an automated 2023 Memorial Day hack.

Bank Info Security 10 months, 3 weeks ago

Nuance Agrees to Pay $8.5M to Settle MOVEit Hack Litigation

Settlement Is Latest Among Scores of Other MOVEit Lawsuits Still PendingNuance Communications, a Microsoft subsidiary, has agreed to pay $8.5 million to settle class action litigation filed after hackers exploited a zero-day flaw in Progress Software's MOVEit file transfer software in 2023, stealing data belonging to more than a dozen of Nuance's healthcare clients.

Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems.MOVEit Transfer is a popular managed file transfer solution used by businesses and government agencies to share sensitive data

File-Transfer Software Being Exploited by One or More Groups; Vendor Pushes PatchesThe ransomware group Clop is claiming credit for the mass exploitation of managed file-transfer software built by Cleo Communications, following on from the similar targeting of MOVEit file-transfer in 2023. Many large organizations rely on the MFT server software to securely transfer files.

Yet another result of the MOVEit mess Hundreds of thousands of employees from major corporations including Xerox, Nokia, Koch, Bank of America, Morgan Stanley and others appear to be the latest victims in a massive data breach linked to last year's attacks on file transfer tool MOVEit.…

Bank Info Security 1 year, 9 months ago

CMS Now Says 3.1 Million Affected by MOVEit Hack

New Estimate Is 3 Times Higher Than Number Agency Initially Publicly DisclosedThe U.S. Centers for Medicare and Medicaid Services has updated the scope of the MOVEit hacking breach last year, telling a sister agency that the software supply chain attack affected more than 3.1 million individuals - about three times the number of victims disclosed publicly earlier this month.

Loading more headlines...