Source: https://techcrunch.com/2023/08/14/millions-americans-health-data-moveit-hackers-clop-ibm/

Millions of Americans had their sensitive medical and health information stolen after hackers exploited a zero-day vulnerability in the widely used MOVEit file transfer software raided systems operated by tech giant IBM.

The Colorado Department of Health Care Policy and Financing (HCPF), which is responsible for administering Colorado’s Medicaid program, confirmed on Friday that it had fallen victim to the MOVEit mass hacks, exposing the data of more than 4 million patients.

In a data breach notification to those affected, Colorado’s HCPF said that the data was compromised because IBM, one of the state’s vendors, “uses the MOVEit application to move HCPF data files in the normal course of business.”

The breach of IBM’s MOVEit systems also impacted Missouri’s Department of Social Services (DSS), though the number of affected individuals is not yet known. More than 6 million people live in Missouri state.