Cybersecurity Alert: Major Data Breach Exposes Millions of Records in Global Supply Chain Attack
A sophisticated supply chain attack has compromised a widely used software provider, exposing sensitive data for millions of users worldwide. The breach, detected in late June 2024, targeted MoveIt Transfer, a managed file transfer (MFT) solution developed by Progress Software, which is utilized by thousands of organizations across finance, healthcare, and government sectors.
Attackers exploited a zero-day vulnerability (CVE-2024-5806) in the software, allowing unauthorized access to databases storing confidential files. The Cl0p ransomware gang has claimed responsibility, asserting they exfiltrated terabytes of data, including personal records, financial documents, and intellectual property. While Progress Software released a patch on June 25, 2024, delayed updates left many systems vulnerable, with breaches reported in North America, Europe, and Asia.
The incident has triggered regulatory scrutiny, with authorities in the U.S. (CISA), UK (NCSC), and EU (ENISA) issuing advisories. Affected entities include U.S. federal agencies, British Airways, and the BBC, among others. The attack underscores the growing threat of supply chain exploits, where a single vendor compromise can cascade across multiple industries. Investigations remain ongoing to assess the full scope of the breach and potential secondary infections.
Source: https://www.wcvb.com/article/smarter-data-breach-attacks/70314171
British Airways TPRM report: https://www.rankiteo.com/company/associated-british-foods-plc
Progress Software TPRM report: https://www.rankiteo.com/company/progress-software
"id": "proass1771035896",
"linkid": "progress-software, associated-british-foods-plc",
"type": "Breach",
"date": "2/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Thousands of organizations',
'industry': 'Technology',
'location': 'Global',
'name': 'Progress Software',
'type': 'Software Provider'},
{'industry': 'Public Sector',
'location': 'North America',
'name': 'U.S. federal agencies',
'type': 'Government'},
{'industry': 'Aviation',
'location': 'Europe',
'name': 'British Airways',
'type': 'Corporation'},
{'industry': 'Broadcasting',
'location': 'Europe',
'name': 'BBC',
'type': 'Media'}],
'attack_vector': 'Zero-day vulnerability exploitation',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': 'Millions',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal records',
'Financial documents',
'Intellectual property']},
'date_detected': '2024-06',
'description': 'A sophisticated supply chain attack has compromised a widely '
'used software provider, exposing sensitive data for millions '
'of users worldwide. The breach targeted MoveIt Transfer, a '
'managed file transfer (MFT) solution developed by Progress '
'Software, which is utilized by thousands of organizations '
'across finance, healthcare, and government sectors. Attackers '
'exploited a zero-day vulnerability (CVE-2024-5806) in the '
'software, allowing unauthorized access to databases storing '
'confidential files. The Cl0p ransomware gang has claimed '
'responsibility, asserting they exfiltrated terabytes of data, '
'including personal records, financial documents, and '
'intellectual property. The incident has triggered regulatory '
'scrutiny, with authorities in the U.S. (CISA), UK (NCSC), and '
'EU (ENISA) issuing advisories.',
'impact': {'data_compromised': 'Terabytes of data, including personal '
'records, financial documents, and '
'intellectual property',
'identity_theft_risk': 'High',
'systems_affected': 'MoveIt Transfer (MFT) solution'},
'investigation_status': 'Ongoing',
'lessons_learned': 'Growing threat of supply chain exploits, where a single '
'vendor compromise can cascade across multiple industries',
'motivation': 'Data exfiltration, Financial gain',
'post_incident_analysis': {'root_causes': 'Delayed patching of zero-day '
'vulnerability (CVE-2024-5806)'},
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Cl0p'},
'references': [{'source': 'Progress Software Advisory'},
{'source': 'CISA Advisory'},
{'source': 'NCSC Advisory'},
{'source': 'ENISA Advisory'}],
'regulatory_compliance': {'regulatory_notifications': ['CISA (U.S.)',
'NCSC (UK)',
'ENISA (EU)']},
'response': {'communication_strategy': 'Regulatory advisories issued',
'containment_measures': 'Patch released (June 25, 2024)'},
'stakeholder_advisories': 'Regulatory advisories issued by CISA, NCSC, and '
'ENISA',
'threat_actor': 'Cl0p ransomware gang',
'title': 'Major Data Breach Exposes Millions of Records in Global Supply '
'Chain Attack',
'type': 'Supply Chain Attack, Data Breach, Ransomware',
'vulnerability_exploited': 'CVE-2024-5806'}