Data breach affects 1.3 million Maine residents, says state

The state of Maine confirmed that a Russia-linked ransomware gang stole over a million people’s personal data earlier this year.

Hackers exploited a vulnerability in Maine’s MOVEit file-transfer system, which stored sensitive resident data, the state said Thursday. The statement said hackers downloaded state agency files between May 28 and 29 using the vulnerability.

The Maine government disclosed the incident and notified affected individuals after its assessments of the files “were recently completed.”

Maine said stolen information may include a person’s name, date of birth, Social Security number, driver’s license, and other state or taxpayer IDs. Some had their medical and insurance data stolen.

The statement said that the state holds data on residents “for various reasons, such as residency, employment, or interaction with a state agency,” and that the data it holds varies by person.

The state reports that more than half of the stolen data belongs to Maine’s Department of Health and Human Services and up to a third to the Department of Education. The remaining data, which the government warns may change, affects other organizations such as Maine’s Bureau of Motor Vehicles and Department of Corrections.

The stolen data’s age and date are unknown.

Maine government spokesperson Sharon Huntley told me by email on Friday that the breach is “not a match to the current population, and out-of-state people were exposed as well.” The state has over 1.3 million residents.

Maine’s government reported that 534,194 people—40% of those affected—are state residents in its data breach notice to the attorney general.

The Maine state government was breached as part of the MOVEit mass hack, the largest hacking incident of the year by number of victims.

Thousands of organizations all over the world use MOVEit file transfer servers to send large amounts of sensitive data online. Progress Software fixed a vulnerability in May that allowed cybercriminals, including the Clop ransomware and extortion gang, to mass-hack MOVEit servers worldwide and steal customers’ sensitive data.

Emsisoft, which has been tracking the mass exploitation, reports that more than 2,500 organizations have disclosed MOVEit-related data breaches, affecting at least 69 million people. As more organizations come forward, the true number may be much higher.

Maine’s security incident ranks as the eleventh largest MOVEit-related breach on Emsisoft’s count, behind Ontario’s birth registry; Colorado, Oregon, and Louisiana; and Maximus. The Department of Energy was among the federal agencies affected.

Maine has not been listed on Clop’s leak site, unlike other MOVEit victims. Ransomware gangs publish parts of stolen files to demand a ransom. The Clop gang has claimed to delete government data, but cybercriminals will lie or keep stolen data if they can profit from it.

Researchers have linked Clop, a Russian-speaking ransomware gang, to mass-hacking incidents involving Fortra’s GoAnywhere and Accellion’s file transfer tools.

The SEC subpoenaed Progress Software last week for “various documents and information” related to the MOVEit vulnerability, the company said in a regulatory filing. Progress plans to “cooperate fully” with the SEC investigation.