The Teachers Insurance and Annuity Association of America (TIAA) joins the list of organizations affected by Cl0p ransomware gang’s MOVEit data breach, exposing over 2.63 million customers’ sensitive information.
TIAA initially downplayed the impact of the breach but later backtracked, acknowledging that names and Social Security numbers of millions of customers may have been stolen. This disclosure, made to the Attorney General’s Office in Maine, raises concerns as TIAA is a Fortune 500 company providing financial services to millions of professionals.
The cyberattack, attributed to Cl0p ransomware gang, has caused significant damage to various high-profile victims, including Shell, the US Department of Energy, and British Airways.
However, TIAA’s disclosure highlights the challenges organizations face in being transparent about breaches, with many opting to withhold full disclosure until compelled by authorities to avoid reputational damage. The breach, detected on May 29th and reported to Maine authorities on July 4th, prompted the organization to implement additional security measures.
The managed file transfer software, MOVEit Transfer, contained a now-patched zero-day vulnerability that enabled the attackers to access and download stored data. The flaw, an SQL injection vulnerability, allowed the hackers to insert malicious code and manipulate the database’s behavior. The situation remains under investigation, and TIAA is closely cooperating with authorities to understand the full extent of the breach.
As cybersecurity risks continue to evolve, organizations like TIAA must remain vigilant in safeguarding customer data and bolstering their defenses against ransomware attacks.
