About 2,620 organizations and 77.2 million people have been impacted by the hacking of file transfer service MOVEit since May earlier this year, according to New Zealand-based cybersecurity firm Emsisoft. Russian-linked ransomware group Clop had claimed responsibility for the attack on June 6.
US-based organizations are the worst impacted, with 78.1% of the affected organizations from the country. It was followed by Canada with 14%, Germany with 1.4%, and the UK with 0.8% of the affected organizations, according to Emsisoft.
Most of the impacted organizations are from the education sector, with 40.6% coming from this segment, followed by health (19.2%) and finance and professional services (12.1%). The findings by Emsisoft are based on data from public disclosures, SEC filings, state breach notifications, and Clop’s website.
The severity of the cyberattack can be gauged by the fact that it impacted the customer records of antivirus major Gen Digital, the parent company of Norton and Avast.
Avast revealed that some of its customers’ “low-risk customer personal information” was compromised. As per the Emsisoft report, the MOVEit incident affected the data of three million of Avast’s individual customers.
MOVEit impacted several prominent businesses as well as government organizations. Maximus, Louisiana Office of Motor Vehicles, Alogent, Colorado Department of Health Care Policy and Financing, Welltok, US Department of Energy, Shell Oil, British Airways, State of Maine, Genworth, and Oregon Department of Transportation are some of the other organizations impacted by the MOVEit incident.