https://www.sec.gov/Archives/edgar/data/1467623/000146762324000024/dbx-20240429.htm
At the very least, the actor(s) were able to obtain hashed passwords, OAuth tokens, some MFA information, phone numbers and API keys. The breach was noticed on April 24, 2024, according to the 8-K filed with the SEC.
The investigation is continuing… AKA change passwords and inventory your data so you are prepared to evaluate your risk.
Zero-Day in Progress: MOVEit file transfer software allows a SQL injection attack to gain access, create files, and exfiltrate data
There are ~2,500 MOVEit servers available on the internet as of 6/1/2023. This is still developing. There are plenty of sources out there, and it looks like these attacks started as recently as 5/27/2023.
https://www.huntress.com/blog/moveit-transfer-critical-vulnerability-rapid-response
https://www.bleepingcomputer.com/news/security/new-moveit-transfer-zero-day-mass-exploited-in-data-theft-attacks/