Expand / Collapse search
Watch TV
Menu

This material may not be published, broadcast, rewritten, or redistributed. ©2024 FOX News Network, LLC. All rights reserved. Quotes displayed in real-time or delayed by at least 15 minutes. Market data provided by Factset. Powered and implemented by FactSet Digital Solutions. Legal Statement. Mutual Fund and ETF data provided by Refinitiv Lipper.

TECH

Massive cyberattack strikes millions: Are you at risk?

Find out how dangerous this attack could become to your privacy and security

By Kurt Knutsson, CyberGuy Report Fox News
Published
close
Kurt "CyberGuy" Knutsson shows you how to make Siri listen longer Video

Kurt "CyberGuy" Knutsson shows you how to make Siri listen longer

Siri is known to cut people off midsentence, but there's away to make Siri listen longer. CyberGuy shows you how to customize the wait time.

Millions of Americans are facing a significant threat to their personal data as a result of a massive cyberattack targeting the widely used file-transfer program known as MOVEit. The impact so far is vast, even compromising residents of Louisiana and Oregon who possess driver's licenses or state identification cards, and there are concerns among officials that the number of affected individuals could increase sizably. 

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK TIPS, TECH REVIEWS AND EASY HOW-TO’S TO MAKE YOU SMARTER

Moreover, this breach has far-reaching consequences, impacting numerous firms and organizations, including multinational corporations, federal and state agencies, and universities.

HOW YOU CAN CLAIM PART OF THE $23 MILLION GOOGLE PRIVACY SETTLEMENT

Photo of a hacker wearing a Guy Fawkes mask.

A large cyberattack could affect millions of Americans. (CyberGuy.com)

Millions of driver's license data stolen

The Louisiana Office of Motor Vehicles (OMV) says that the data of all individuals in Louisiana who possess a state-issued driver's license, ID or car registration may have been compromised and exposed by this attack. The OMV says those impacted likely had the following personal information exposed: name, address, Social Security number, birth date, height, eye color, driver's license number, vehicle registration information, and handicap placard information. The Oregon DMV says its MOVEit Transfer data breach impacted approximately 3.5 million Oregonians with an ID or driver's license.

MAP BURIED INSIDE YOUR PHONE REVEALS WHERE YOU’VE BEEN AND PHOTOS YOU SNAPPED THERE

Woman visibly upset, looking at her phone.

Millions of Americans may have had their personal information exposed in a recent data breach. ( )

Who else has been affected?

Aside from those residents affected in Oregon and Louisiana, numerous large corporations across the world have stated that their data was affected, including BBC, British Airways and Aon. Multiple U.S. federal agencies and universities also have been impacted by the breach, including the Department of Energy. One senior U.S. official stated that hundreds of companies could end up being hit by this data breach.

THOUSANDS OF IMPOSTER WEBSITES DISCOVERED MIMICKING TOP BRANDS TO STEAL YOUR BANKING INFO

How did this data breach happen?

Whoever hacked this information was able to do so by exploiting a flaw in a commonly used data file-transfer software called MOVEit, which was made by the Massachusetts-based Progress Software Corp.  The U.S. government and many companies use MOVEit to send large files.

8 GREAT IPHONE ACCESSIBILITY TIPS TO MAKE LIFE EASIER

Has the stolen data been sold or released?

There has been no record yet of this data being sold or released. MOVEit has been ordered by cybersecurity experts and federal agencies to continue to give updates on the breach. However, the team at MOVEit, unfortunately, found another vulnerability in their software that they are now focusing on fixing.

HOW TO GO PAPERLESS BY TURNING YOUR PHONE INTO A PORTABLE SCANNER

Who is taking responsibility for the attack?

A Russian hacker group called Clop is taking credit for the attack. The group has previously been known to demand multimillion-dollar ransoms. As of yet, the U.S. government has not received any requests for money from the group. Clop is instead focusing on getting money from larger corporations.

MORE: MASSIVE FREE VPN DATA BREACH EXPOSES 360M RECORDS 

What if my information was compromised?

If you are a resident of either Louisiana or Oregon or anyone else concerned about protecting themselves from identity fraud, here are some steps you can take:

Steps to take to protect yourself against identity fraud

1) Monitor your accounts

Regularly review your bank statements, credit card statements, and other financial accounts for any unauthorized activity. If you notice any suspicious transactions, report them immediately to your bank or credit card company.

2) Place a fraud alert

Contact one of the three major credit reporting agencies (Equifax, Experian or TransUnion) and request a fraud alert to be placed on your credit file. This will make it more difficult for identity thieves to open new accounts in your name without verification.

3) Check your credit reports

Obtain a free copy of your credit report from each of the three credit reporting agencies mentioned earlier. Review the reports carefully for any suspicious or unauthorized activity. If you find any inaccuracies or signs of fraud, report them to the credit reporting agency immediately.

4) Freeze your credit

Consider placing a credit freeze on your credit reports. This will restrict access to your credit file, making it difficult for anyone to open new accounts using your information. Keep in mind that this may also affect your ability to apply for new credit, so weigh the pros and cons before opting for a credit freeze.

AMAZON MAY SOON OFFER FREE WIRELESS PHONE SERVICE

5) Be cautious of phishing attempts

Be vigilant about emails, phone calls or messages from unknown sources asking for personal information. Avoid clicking on suspicious links or providing sensitive details unless you can verify the legitimacy of the request.

6) Enable two-factor authentication

Enable two-factor authentication whenever possible. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password.

7) Check Social Security benefits

It is crucial to periodically check your Social Security benefits to ensure they have not been tampered with or altered in any way, safeguarding your financial security and preventing potential fraud.

8) Request an "Identity Protection Pin" from the IRS

By requesting an "Identity Protection Pin" from the Internal Revenue Service, individuals can effectively deter any attempts of unauthorized tax filing using their personal information.

9) Strengthen your passwords 

Ensure that you have strong, unique passwords for your online accounts. Consider using a password manager to generate and store complex passwords securely.

Check out my best expert-reviewed password managers of 2023 by heading to CyberGuy.com/Passwords

10) Invest in identity theft protection 

Identity Theft protection companies can monitor personal information like your home title, Social Security number, phone number and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

One of the best parts of using some services is that they might include identity theft insurance of up to $1 million to cover losses and legal fees and a white glove fraud resolution team where a U.S.-based case manager helps you recover any losses.

See my tips and best picks on how to protect yourself from identity theft by visiting CyberGuy.com/IdentityTheft

11) Keep software up to date

Regularly update your operating system, antivirus software, web browsers and other applications to ensure you have the latest security patches and protections.

MORE: MASSIVE DISTRIBUTION OF MALWARE EXPOSES GAMERS TO THEFT AND DATA BREACHES 

Computer screen with code and graphics of locks.

There are steps you can take to keep your information safe. ( )

How can I check if my information was sold on the dark web?

To check if your information was sold on the dark web, you can go to haveibeenpwned.com and enter your email address into the search bar. The website will search to see what data of yours is out there and display if there were data breaches associated with your email address on various sites. 

If your personal data is on the web, see my tips and best picks for removing yourself from the internet by going to CyberGuy.com/Delete

Kurt's key takeaways

Regrettably, occurrences like this latest massive cyberattack have become commonplace, highlighting the urgent need for preventative measures by all of us. It is crucial to be proactive in safeguarding your personal information. I recommend you follow my precautions above to stay one step ahead of cybercriminals.

CLICK HERE TO GET THE FOX NEWS APP

What more do you think could be done about data breaches and protecting people's information? Let us know by writing us at CyberGuy.com/Contact

For more of my security alerts, subscribe to my free CyberGuy Report Newsletter by heading to CyberGuy.com/Newsletter

Copyright 2023 CyberGuy.com.  All rights reserved.

Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.