As reported by BleepingComputer, the Clop ransomware gang began exploiting a previously unknown zero-day vulnerability (tracked as CVE-2023-34362) in the popular file transfer software MOVEit Transfer on May 27.
Since this software is used by large companies from a wide variety of industries from finance and education to energy, IT, healthcare and more as well as by government organizations, the impact of this data breach is already being felt worldwide.
Given that the Louisiana Office of Motor Vehicles (OMV) and the Oregon Driver & Motor Vehicles Services both use MOVEit Transfer as part of their operations, Louisiana and Oregon are now warning that millions of driver’s licenses and other state-issued documents have been obtained by the Clop ransomware gang following the attacks from last month.
State-issued IDs and documents stolen by hackers
In a new alert, Louisiana’s OMV revealed that it believes that everyone who lives in the state and has a state-issued driver’s license, ID or car registration likely had their personal data exposed by Clop.
According to the OMV, the full names, physical addresses, Social Security numbers, birth dates, height, eye color, driver’s license numbers, vehicle registration information and handicap placard information of Louisiana residents was exposed. However, the agency says that so far, there has been no indication that the hackers responsible have used, sold, shared or released any of this stolen data yet.
In fact, the Clop ransomware gang may have actually deleted this data as they promised to erase any stolen government data in an announcement put out following the data breach.
Meanwhile, Oregon’s DMV also released a statement along with a press release in which it explained that approximately 3.5 million Oregonians with an ID or driver's license have been impacted as a result of the MOVEit breach. Unfortunately though, the state’s authorities have said that they are unable to identify specific victims at this time which means that all residents of the state will need to take the necessary precautions and assume that the Clop ransomware gang has their personal data.
How to stay safe if your personal data was exposed in the MOVEit data breach
As of now, the Clop ransomware gang has only revealed which companies and organizations have been affected as the result of the MOVEit data breach on its data leak site. None of the data stolen in the breach has been leaked yet but it could be.
We also don’t know whether or not the group will honor its promise to delete stolen government data. For the moment, we’re going to have to take the hackers behind this massive data breach at their word but there are still precautions you can take if you live in either Louisiana or Oregon.
For starters, you want to operate on the assumption that your data was stolen by the Clop ransomware gang. This means that you will need to monitor your credit reports, bank statements and other financial accounts for signs of identity theft. At the same time, you also want to be on the lookout for targeted phishing attacks that may use this stolen data against you or as a lure to pay the hackers responsible.
If you’ve already signed up for one of the best identity theft protection services, they will be able to help you recover your identity as well as any funds lost to fraud. However, you would have needed to be a paying subscriber before the MOVEit breach occurred to take advantage of these protections.
For now though, we should all be extra careful online regardless of whether or not we live in Louisiana or Oregon as US federal agencies and businesses around the world have been impacted by this massive data breach.