GEICO Becomes Another Victim Of MOVEit

It appears that US insurer GEICO has become the latest victim of the MOVEit Flaw and that this might be bad. WKBW has the details:

A Geico spokesperson confirmed with 7 News that MOVEit, an outside software program that Geico uses to transfer data to third-party vendors, was involved in a data breach. MOVEit told 7 News that the company disclosed the vulnerability on May 31, and deployed a patch the same day.

However, employees and former employees feel that they are under threat:

Heather Dudziak said she worked for Geico and left the job about a month ago. She claims her information was hacked because the company has put cyber security on the back burner.”My information, my daughter’s information, my husband’s information and my step-father’s information was leaked due to this data breach,” Dudziak said. 

She said her social security number and her family’s social security number were shared with the company for her health insurance which she believes was then obtained by hackers. She added that her former co-workers have told her others are experiencing the same thing.

“This is a violation of not only my security, my daughter, my husband, my stepdaughters and I just don’t feel safe,” she added. 

That’s extremely bad. Damir J. Brescic, CISO, Inversion6 had this to say:

I would like to know what steps GEICO has taken to bolster their cybersecurity posture due to this incident.

A few thoughts pop to mind of what they could have done; starting with ensuring that MOVEit was regularly updated with the latest security patches and fixes.  They should have implemented a robust access control and authentication mechanism within MOVEit to prevent unauthorized access to sensitive data.  I am also a big fan of two-factor authentication, strong password policies, and role-based access control as effective ways to restrict access to authorized personnel only.

This incident serves as a reminder to customers to do their own due diligence, by considering several factors.  They should understand the potential risks involved and take steps to protect their own person information, such as using strong and unique passwords and enabling two-factor authentication whenever possible.  Regular monitoring of financial statements and credit reports can also help detect any suspicious activities that may result from a data breach.

MOVEit is going to continue to claim victims until companies who use MOVEit take whatever steps are required to ensure that their attack surface is as small as possible. Then they should go to every vendor, supplier, etc. and ensure that they are doing the same thing. Because as is the case here, these attacks don’t just affect companies, they affect people too.

Leave a Reply

%d bloggers like this: