California-based eye care provider MESVision disclosed a data breach impacting nearly 350,000 patients after cybercriminals exploited a zero-day vulnerability in Progress Software’s MOVEit Transfer web application. MESVision, serving thousands of employer groups across the US, manages vision care plans for leading healthcare organizations and insurers.
In a notification to Maine’s Attorney General, MESVision detailed the incident, triggered by the exploitation of the MOVEit Transfer application earlier this year. Upon learning of the breach from Progress Software, MESVision immediately shut down the affected server and launched an internal investigation, working with cybersecurity experts.
The breach, occurring on May 28 and May 31, 2023, compromised data of patients enrolled in MESVision’s vision benefit plans, exposing names, personal identifiers, and Social Security Numbers of at least 346,828 individuals.
Taking rigorous measures, MESVision rebuilt the MOVEit system to meet vendor requirements and implemented enhanced security measures before reactivating the system. The healthcare provider has advised affected individuals to monitor their credit reports for suspicious activities and is offering a year of complimentary identity monitoring services via Kroll, encompassing credit monitoring and identity theft restoration.
The breach is part of a larger trend, with over 2,390 organizations worldwide falling victim to Clop ransomware exploiting vulnerabilities in Progress Software’s MOVEit Transfer web application. German cybersecurity research firm KonBriefing reports that these exploits have impacted up to 73.8 million individuals globally as of November 16.
