Honeywell International, a prominent US-based technology conglomerate, has disclosed a major cybersecurity incident in which the MOVEit hack exposed the Social Security numbers (SSNs) of over 100,000 individuals. This breach occurred amid a surge in MOVEit Transfer-related hacks orchestrated by the Cl0p ransomware gang.
Furthermore, Honeywell began notifying affected individuals in June, shortly after discovering the breach, which was triggered by the exploitation of a vulnerability in the MOVEit Transfer tool used for specific business operations. The exposed information, including names and SSNs, has put a total of 118,379 individuals at risk, highlighting the serious consequences of such data breaches, as stolen SSNs can be exploited in identity theft alongside names and driver’s license numbers.
Honeywell’s significant stature across various industrial sectors, such as aerospace, automotive products, and industrial control systems, underscores the widespread impact of this breach. With over 100,000 employees and reported revenues exceeding $35 billion in 2022, the company’s data breach raises concerns about the security of highly sophisticated organizations in the face of evolving cyber threats.
The MOVEit Transfer attacks, attributed to the Cl0p gang, have had a profound impact, affecting nearly 1,200 organizations and over 55 million individuals. This raises questions about the scale and complexity of cyber threats in today’s interconnected world, with the gang also known by various aliases like TA505, Lace Tempest, Dungeon Spider, and FIN11, adding to the intrigue surrounding their activities.
Prominent organizations like TD Ameritrade, American Airlines, TomTom, and many others have had their clients exposed in these attacks, reflecting the urgent need for enhanced cybersecurity measures.