Nova Scotia says all victims of MOVEit breach have been notified

One of many first North American organizations to endure a knowledge breach due to a vulnerability within the MOVEit file-transfer software program says it has notified greater than 165,000 folks that their private info was stolen.

The federal government of Nova Scotia mentioned on Thursday that it has completed sending letters to all victims of the incident in late Could and is spending CA$2.85 million Canadian ($2.16 million) for credit score monitoring companies.

“Now, we are able to flip our focus to setting out the teachings we’ve realized and making certain departments are doing what they should do to maintain Nova Scotians’ private info protected,” mentioned Colton LeBlanc, the province’s cybersecurity minister, in a information launch.

The timeline of the Nova Scotia response underscores how time-consuming it may be for a authorities to research stolen knowledge and formally notify victims. The province initially warned residents on June 4 in regards to the breach, one among many this yr which have affected hundreds of thousands of individuals collectively.

The provincial authorities mentioned 118,000 individuals had “delicate private info, corresponding to social insurance coverage numbers or banking info,” stolen within the incident. One other 47,000 letters additionally went to individuals who had “much less delicate” info stolen. To date about 29,000 individuals have signed up for the free credit score monitoring.

Within the incident, hackers discovered a approach to exploit a bug in MOVEit, a file-transfer software from U.S.-based Progress Software program that’s used everywhere in the world. The Clop ransomware gang, particularly, has taken credit score for dozens of assaults. Within the U.S., federal and state authorities companies have been additionally among the many targets.