Underwriting Solutions Private Client
Showing 1 - 10 of 0 results
Page 1 of 1 | Results 1 - 10 of 0
Main image for news
Alert

MOVEit File Transfer Software Vulnerability

By Alliant Cyber

At Alliant, we believe helping our clients manage Cyber risk goes beyond the mechanics of the insurance transaction. Accordingly, we are providing you with actionable information around the recently publicized vulnerability in the Progress MOVEit Transfer software solution to help your organization take appropriate action to protect your data from being exfiltrated.

What’s Happening?
Briefly stated, Progress Software Corporation (the parent company of the software developer in question) has reported that a recently discovered vulnerability in MOVEit Transfer (CVE-2023-34362) could be exploited and allow attackers to gain unauthorized access to data, and to execute SQL statements that alter or delete data. All MOVEit transfer versions are impacted by this vulnerability, and the developer has issued patches for each version. According to the IT website Bleeping Computer, threat actors have already begun mass downloading of data from organizations using this file transfer software. However, as of June 1, 2023, there had been no reported incidents of threat actors extorting their victims, and it remained unclear who was behind the attacks.

What can my company do to address this risk?
Progress MOVEit has provided documentation and guidance on remediation. Progress MOVEit’s configuration hardening and patching guidance should be strongly considered by affected organizations, in order to mitigate the risk associated with this vulnerability.

What if I discover that our data has been exfiltrated as a result of this vulnerability?
Should you need to report a claim for a loss arising out of this incident, please contact your Alliant service team. We can assist you with providing notification to the appropriate insurers and put you in touch with qualified incident response vendors.

For more information, contact your Alliant account manager or visit Alliant Cyber 

This document is provided for general informational purposes only and does not constitute legal, tax, accounting, insurance, brokerage, risk management, or other professional advice. You should consult your own legal counsel or other qualified professional advisors regarding your specific circumstances, and receipt of this document does not create any client, advisory, fiduciary, brokerage, or other professional relationship with Alliant Insurance Services, Inc. This document is provided “as is” without warranty of any kind, and Alliant Insurance Services, Inc. disclaims any liability for any loss or damage arising out of or relating to reliance on this document.

News & Resources

See All
Alliant offers robust crime and fidelity bonds coverage to meet your needs.
Podcast

Specialty Podcast: Analyzing Cyber Risks and Solutions with Crime and Fidelity

Adam Pardi is joined by Mike Beranek, Berkeley Crime, to discuss the importance of crime and fidelity insurance considering ever-evolving threat of social engineering and cyber-crime. The two explore FBI crime statistics and scenarios and provide solutions to best protect your business.
News2 image
Podcast

Specialty Podcast: The Impact of Recent Court Rulings on D&O and BIPA

David Finz and Steve Shappell, take a look at the Delaware Chancery Court ruling in a D&O case, extending the standard of care to officers, creating a higher burden for them in terms of conduct, as well as an Illinois Supreme Court case featuring BIPA litigation, ruling a five-year statute of limitation period applies to actions brought under BIPA and that each act, prior to consent, applies as a separate action.
News3 image
Podcast

Specialty Podcast: An Inside Look at the White House National Cybersecurity Strategy

David Finz is joined by Stephen Vina, Executive Office of the President, to discuss the White House's National Cybersecurity Strategy released on March 2, 2023. Together, they discuss the recently established Office of the National Cyber Director, exploring its mission and core principles.