An worldwide hacking gang at HEIDELBERG and many other firms exploited a security flaw in Progress' MOVEit data transfer programme, which was created by the software corporation.
As soon as Progress released a security update, the company updated its systems and got to work on a number of meticulous, human data analysis.
A criminal complaint will also be filed by HEIDELBERG after it quickly contacted outside specialists, notified the appropriate authorities, and summoned in the experts.
In order to clarify the problem and jointly identify answers, the company swiftly got in touch with its clients and staff, and it still keeps in regular contact with them.
TPRM report: https://scoringcyber.rankiteo.com/company/heidelberg
"id": "hei15824723",
"linkid": "heidelberg",
"type": "Data Leak",
"date": "06/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'name': 'HEIDELBERG', 'type': 'Company'},
{'name': 'Many other firms', 'type': 'Company'}],
'attack_vector': 'Exploitation of Vulnerability',
'description': 'An worldwide hacking gang at HEIDELBERG and many other firms '
"exploited a security flaw in Progress' MOVEit data transfer "
'programme, which was created by the software corporation.',
'impact': {'data_compromised': True,
'systems_affected': ['MOVEit data transfer programme']},
'regulatory_compliance': {'legal_actions': ['Criminal complaint to be filed']},
'response': {'communication_strategy': ['Contacted clients and staff',
'Regular updates'],
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'remediation_measures': ['Updated systems with a security update',
'Human data analysis'],
'third_party_assistance': True},
'threat_actor': 'Worldwide hacking gang',
'title': 'Data Breach at HEIDELBERG and Other Firms',
'type': 'Data Breach',
'vulnerability_exploited': "Security flaw in Progress' MOVEit data transfer "
'programme'}