The data leak includes over 2.8 million lines of information, featuring employees’ names, work contact details, and their assigned work locations. The cybersecurity firm Hudson Rock says that this breach is part of a larger wave of attacks linked to a critical MOVEit vulnerability (CVE-2023-34362) exploited by a user named Nam3L3ss. The flaw, discovered in mid-2023, allowed hackers to bypass security protocols, resulting in significant corporate data leaks across finance, healthcare, technology, and retail sectors. Hudson Rock cybersecurity firm flagged the MOVEit incident, linking it to exposed directories from 25 major companies, revealing names, emails, phone numbers, and internal structures—valuable for phishing and identity theft.
