{"id":54136,"date":"2023-10-16T02:58:14","date_gmt":"2023-10-16T02:58:14","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/"},"modified":"2023-10-16T02:58:14","modified_gmt":"2023-10-16T02:58:14","slug":"regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/","title":{"rendered":"Regulator, insurers and customers all coming for Progress after MOVEit breach"},"content":{"rendered":"<p><span class=\"label\">Infosec in brief<\/span> The fallout from the exploitation of bugs in Progress Software&#8217;s MOVEit file transfer software continues, with the US Securities and Exchange Commission (SEC) now investigating the matter, and lots of affected parties seeking compensation.&nbsp;<\/p>\n<p>Progress admitted to the ill winds of corporate responsibility blowing its way in a quarterly SEC 10-Q <a href=\"https:\/\/www.sec.gov\/Archives\/edgar\/data\/876167\/000087616723000190\/prgs-20230831.htm\" rel=\"nofollow\">filing<\/a>. Per the disclosure, it received a subpoena from the SEC on October 2, in which the Commission asked for &#8220;various documents and information relating to <a href=\"https:\/\/www.theregister.com\/2023\/06\/01\/moveit_transfer_zero_day\/\">the MOVEit Vulnerability<\/a>.&#8221;<\/p>\n<p>&#8220;At this stage, the SEC investigation is a fact-finding inquiry, the investigation does not mean that Progress or anyone else has violated federal securities laws,&#8221; the application vendor explained, adding that it intends to fully cooperate.&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Progress also admitted it&#8217;s facing a slew of other litigation \u2013 both in the US and in other countries \u2013 over the breach, far in excess of the <a href=\"https:\/\/www.theregister.com\/2023\/07\/20\/moveit_victim_count\/\">dozen or so<\/a> cases it was reportedly facing as of July.&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>&#8220;We are party to 58 class action lawsuits filed by individuals who claim to have been impacted by the exfiltration of data from the environments of our MOVEit Transfer customers,&#8221; Progress stated in the filing. Those cases were consolidated into a single lawsuit in Massachusetts earlier this month.&nbsp;<\/p>\n<p>Again, that&#8217;s not all.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Progress has also received &#8220;formal letters&#8221; from 23 MOVEit customers who claim the vulnerability has cost them money, and some &#8220;have indicated that they intend to seek indemnification.&#8221; In addition, Progress is also facing a subrogation claim from an insurer, which means it&#8217;s &#8220;seeking recovery for all expenses incurred in connection with the MOVEit Vulnerability.&#8221;&nbsp;<\/p>\n<p>&#8220;We have also been cooperating with several inquiries from domestic and foreign data privacy regulators, inquiries from several state attorneys general,&#8221; and it&#8217;s also being investigated by an unnamed federal law enforcement agency.&nbsp;<\/p>\n<p>A recently discovered exploit in another Progress file transferring app, <a href=\"https:\/\/www.theregister.com\/2023\/10\/02\/ws_ftp_update\/\">WS_FTP<\/a>, merited barely a mention in the SEC filing. Progress wrote only that it had patched issues and acknowledged active exploitation.&nbsp;<\/p>\n<div class=\"boxout\" readability=\"27.312234494477\">\n<h3 class=\"crosshead\">Critical vulnerabilities of the week<\/h3>\n<p>We start this week&#8217;s list of the latest critical vulnerabilities and known exploits with Fortinet, which released <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2023\/10\/11\/fortinet-releases-security-updates-multiple-products\" rel=\"nofollow\">several<\/a> security updates \u2013 including a pair of critical ones in FortiSIEM, FortiManager and FortiAnalyzer.&nbsp;<\/p>\n<p>A bunch of FortiSIEM versions are vulnerable to <a href=\"https:\/\/fortiguard.fortinet.com\/psirt\/FG-IR-23-085\" rel=\"nofollow\">multiple<\/a> CVSS 9.7-level path traversal vulnerabilities that can lead to privilege escalation, while FortiManager and FortiAnalyzer (multiple versions) are vulnerable to <a href=\"https:\/\/www.fortiguard.com\/psirt\/FG-IR-23-189\" rel=\"nofollow\">privilege escalation<\/a> via specially-crafted HTTP requests (CVSS 8.6). Patches are available for both issues.<\/p>\n<p>As for industrial control systems, despite CISA releasing a <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2023\/10\/12\/cisa-releases-nineteen-industrial-control-systems-advisories\" rel=\"nofollow\">19-item<\/a> notification list, only a few of the issues were serious:<\/p>\n<ul>\n<li>CVSS 9.8 \u2013 <a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-285-02\" rel=\"nofollow\">Multiple CVEs<\/a>: Siemens SCALANCE W1750D WAPs contain a series of vulnerabilities that can allow an attacker to disclose info, deny service and remotely execute code.<\/li>\n<li>CVSS 9.8 \u2013 <a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-285-09\" rel=\"nofollow\">CVE-2023-36380<\/a>: Siemens CP-8031 and CP-8050 master modules store a hard-coded ID in their SSH authorized_keys config file, giving anyone with the private key login access to affected devices, which are those with debug support activated.<\/li>\n<li>CVSS 9.8 \u2013 <a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-285-12\" rel=\"nofollow\">Multiple CVEs<\/a>: Weintek&#8217;s common gateway interface used for several of its CMT3000-series devices contains vulnerabilities allowing attackers to hijack control flow and bypass authentication.&nbsp;<\/li>\n<li>CVSS 9.1 \u2013 <a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-285-13\" rel=\"nofollow\">CVE-2023-4562<\/a>: Multiple models of Mitsubishi Electric&#8217;s MELSEC-F PLCs are improperly authenticating, leaving them open to tampering by remote attackers.<\/li>\n<li>CVSS 8.0 \u2013 <a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-285-05\" rel=\"nofollow\">CVE-2023-43625<\/a>: All versions of Siemens&#8217;s Simcenter Amesim software prior to V2021.1 are vulnerable to code injection that could let an attacker perform DLL injection and execute arbitrary code.&nbsp;<\/li>\n<\/ul>\n<p>As for newly discovered known exploited vulnerabiilties, there&#8217;s only a couple to report that we didn&#8217;t cover elsewhere this week. They may not be as severe as the others, but they&#8217;re still being exploited in the wild, so take care:&nbsp;<\/p>\n<ul>\n<li>CVSS 7.8 \u2013 <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-21608\" rel=\"nofollow\">CVE-2023-21608<\/a>: If users open malicious PDFs in Acrobat Reader versions 22.003.20282 or 20.005.30418 and earlier, they could find themselves affected by a use after free vulnerability allowing an attacker to execute arbitrary code.<\/li>\n<li>CVSS 6.6 \u2013 <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-20109\" rel=\"nofollow\">CVE-2023-20109<\/a>: Cisco GET VPN is vulnerable to an OOB write attack that can allow an attacker to execute code and crash affected devices.<\/li>\n<\/ul>\n<\/div>\n<h3 class=\"crosshead\">CISA adds new ransomware risk cataloging resources<\/h3>\n<p>The US Cybersecurity and Infrastructure Security Agency is expanding its pool of resources for those fighting to prevent ransomware infections, with two new initiatives as part of the agency&#8217;s Ransomware Vulnerability Warning Pilot <a href=\"https:\/\/www.theregister.com\/2023\/03\/24\/cisa_microsoft_cloud_ransomware\/\">program<\/a>.<\/p>\n<p>The first takes the form of a new column in the Agency&#8217;s Known Exploited Vulnerabilities <a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" rel=\"nofollow\">catalog<\/a> that indicates whether an actively exploited weakness is known to be used in ransomware campaigns.&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The change is already live and present on all vulnerabilities added to the catalog. The aforementioned Progress software exploits, along with Log4j and other well-known vulnerabilities, all indicate that they&#8217;ve been used by ransomware actors.&nbsp;<\/p>\n<p>The second, and arguably more important one for those trying to harden an environment, is the new <a href=\"https:\/\/www.cisa.gov\/stopransomware\/misconfigurations-and-weaknesses-known-be-used-ransomware-campaigns\" rel=\"nofollow\">list<\/a> of Misconfigurations and Weaknesses Known to be Used in Ransomware Campaigns. The catalog isn&#8217;t CVE-based, and still quite short, listing vulnerable services like RDP, VNC, SMB and the like, and what ports are commonly used to <a href=\"https:\/\/www.theregister.com\/2023\/10\/06\/cisa_top_10_misconfigurations\/\">exploit misconfigurations<\/a>.<\/p>\n<h3 class=\"crosshead\">17k+ WordPress sites hacked to add malware injector last month<\/h3>\n<p>Cyber security firm and GoDaddy subsidiary Sucuri said in a recent <a href=\"https:\/\/blog.sucuri.net\/2023\/10\/balada-injector-targets-unpatched-tagdiv-plugin-newspaper-theme-wordpress-admins.html\" rel=\"nofollow\">report<\/a> that more than 17,000 WordPress websites have been hit by a cross-site scripting <a href=\"https:\/\/wpscan.com\/vulnerability\/e6d8216d-ace4-48ba-afca-74da0dc5abb5\/\" rel=\"nofollow\">vulnerability<\/a> in a Composer plugin used by WordPress premium theme maker tagDiv.&nbsp;<\/p>\n<p>Cross-site scripting attacks <a href=\"https:\/\/www.theregister.com\/2023\/05\/08\/wordpress_plugin_vulnerability\/\">aren&#8217;t a new issue for WordPress<\/a> implementations that use various themes with plugins of questionable origin or software supply chain, and this latest issue seems like more of the same.&nbsp;<\/p>\n<p>In this case, tagDiv&#8217;s Composer plugin is used in its Newspaper and Newsmag premium themes, which Sucuri said is used by over 135,000 paying customers. Newsmag is in use on another <a href=\"https:\/\/themeforest.net\/item\/newsmag-news-magazine-newspaper\/9512331\" rel=\"nofollow\">18,579 sites<\/a>, but neither figure accounts for pirated copies of the theme, Sucuri noted.&nbsp;<\/p>\n<p>Injectors like Balada hijack legitimate services and can be used to run malicious code on websites to phish users, hijack credentials and steal PII, among other actions. Sucuri includes infection mitigation steps in its report, starting critically with scanning WordPress sites to check for any malicious code \u2013 a tool for which Sucuri just happens to have handy.&nbsp;\u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2023\/10\/16\/infosec_in_brief\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Also, CISA cataloging new ransomware data points, 17k WP sites hijacked by malware in Sept., and more critical vulns Infosec in brief\u00a0 The fallout from the exploitation of bugs in Progress Software&#8217;s MOVEit file transfer software continues, with the US Securities and Exchange Commission (SEC) now investigating the matter, and lots of affected parties seeking compensation.\u00a0\u2026  READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-54136","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Regulator, insurers and customers all coming for Progress after MOVEit breach 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Regulator, insurers and customers all coming for Progress after MOVEit breach 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-10-16T02:58:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Regulator, insurers and customers all coming for Progress after MOVEit breach\",\"datePublished\":\"2023-10-16T02:58:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\\\/\"},\"wordCount\":1055,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\\\/\",\"name\":\"Regulator, insurers and customers all coming for Progress after MOVEit breach 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2023-10-16T02:58:14+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Regulator, insurers and customers all coming for Progress after MOVEit breach\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Regulator, insurers and customers all coming for Progress after MOVEit breach 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/","og_locale":"en_US","og_type":"article","og_title":"Regulator, insurers and customers all coming for Progress after MOVEit breach 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-10-16T02:58:14+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Regulator, insurers and customers all coming for Progress after MOVEit breach","datePublished":"2023-10-16T02:58:14+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/"},"wordCount":1055,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/","url":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/","name":"Regulator, insurers and customers all coming for Progress after MOVEit breach 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2023-10-16T02:58:14+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZSy15JmD@3NeR@B-4f1R1AAAAwU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/regulator-insurers-and-customers-all-coming-for-progress-after-moveit-breach\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Regulator, insurers and customers all coming for Progress after MOVEit breach"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54136","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=54136"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54136\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=54136"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=54136"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=54136"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}