Nuance adds 1.2M patients to the MOVEit hack victims list

Nuance Communications, a software services provider, was part of a large-scale cyberattack exploiting a flaw in MOVEit managed file transfer software. The attack potentially impacted over a dozen of its customers and affected more than 1.2 million individuals, whose personal and health information may have been stolen. The company has begun notifying affected individuals and states of the privacy breaches. The vulnerability allowed hackers to access confidential information stored within Nuance's MOVEit environment between May 28 and May 29.

The cyberattack, which affected more than 2,000 organizations worldwide, was part of a "hydra-headed breach" that exploited a flaw in Progress Software. Despite being patched within days, significant damage was done, and the number of victims is estimated to be around 62 million people. The majority of the attacks were aimed at the United States. Nuance, which was acquired by Microsoft in 2021, has previously dealt with malware attacks in 2017.

Key takeaways:

Nuance Communications was a victim of a massive cyberattack exploiting a flaw in MOVEit managed file transfer software, potentially impacting over a dozen of its customers and over 1.2 million individuals.
The vulnerability allowed hackers to gain unauthorized access to confidential information stored within Nuance's MOVEit environment between May 28 and May 29.
More than 2,000 organizations in various sectors worldwide have been estimated to be victims of the MOVEit protected data exfiltration attack.
Nuance, which was acquired by Microsoft in 2021, has previously dealt with malware attacks, notably the Petya/NotPetya malware attacks in 2017.

Nuance adds 1.2M patients to the MOVEit hack victims list

Key takeaways:

Comments (0)

Newsletter