Home - Article

Featured Article

September 01, 2023

Eversource Data Breach: Another Cybersecurity Wake-Up Call

Data breaches, privacy violations, financial losses and a damaged reputation are things businesses never want to experience. A data breach alone can cost $4.45 million in 2023, according to IBM. That is a big price to pay. Therefore, it is crucial for organizations to identify and address data vulnerabilities to protect sensitive information and maintain data integrity and confidentiality.

But occasionally, data vulnerabilities are first seen by bad actors. Case in point is the MOVEit Transfer vulnerability.

The Cybersecurity and Infrastructure Security Agency had to release a security advisory, through Progress Software, for the MOVEit Transfer vulnerability in June. This came after Progress discovered a vulnerability in MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment.

For those unfamiliar with it, the MOVEit Transfer vulnerability, CVE-2023-34362, is a SQL injection vulnerability that could allow an unauthenticated attacker to access and manipulate a business's database. The vulnerability impacted all versions of the MOVEit file transfer service, including on-premises and cloud-based versions.

The vulnerability was exposed by a group called Clop. The established ransomware group carries out organized cybercrime where hackers try to remotely extort victims by remotely encrypting their data or stealing and threatening to publish files. The group’s victims include the BBC, Shell, Johns Hopkins Health Systems, British Airways, the state of Illinois and the departments of motor vehicles of Oregon and Louisiana.

Eversource is added to that list, now.

Eversource is a public utility holding company that provides electricity, natural gas and water services. They serve over 4.4 million customers in Connecticut, Massachusetts and New Hampshire.

As of August  31, around 1,400 Connecticut customers who had participated in a solar incentive program managed by an external provider named CLEAResult may have had their personal information, including Social Security numbers, exposed.

Additionally, around 1,800 accounts in an electric vehicle incentive program were also exposed, as of August 31; however, Social Security numbers were not compromised in those cases.

To help customers who may have been affected, Eversource will guide them to free identity protection and credit monitoring services to customers who request them. And there are steps MOVEit Transfer customers are recommended to take to patch the vulnerability, if they haven’t already.

According to Progress, it is crucial to disable all HTTP and HTTPS traffic to the MOVEit Transfer environment. Specifically, firewall rules should be adjusted to block HTTP and HTTPS traffic on ports 80 and 443. During this period of traffic suspension, users will be unable to access the MOVEit Transfer web UI. MOVEit Automation tasks utilizing the native MOVEit Transfer host will not function. REST, Java and .NET APIs will be non-operational. The MOVEit Transfer add-in for Outlook will not be functional. However, SFTP and FTP/s protocols will continue to operate as usual.

As an alternative, administrators can access MOVEit Transfer by utilizing a remote desktop to access the Windows machine and then navigating to https://localhost/.

Then, they can apply the patch for supported MOVEit Transfer versions. Links to these patches will be provided accordingly. After applying the patch, individuals should remember to re-enable all HTTP and HTTPS traffic to their MOVEit Transfer environment. For ongoing security updates and the latest information, it is recommended to bookmark the Progress Security Page and regularly refer to it.

But yeah, this breach is another wake-up call for cybersecurity preparedness and vulnerability management. Businesses must navigate various challenges when it comes to maintaining robust cybersecurity measures in a hybrid world. And occasionally, new challenges pop up.

For businesses that want to learn about the best practices for safeguarding their business against evolving cyber threats in the hybrid work environment, technology solutions provider Apex Technology Services has teamed up with Datto, a cybersecurity provider, to host a breakfast seminar titled "Cybersecurity and Hybrid Work: How To Keep Your Business Protected" from 8:30 AM to noon EST on Wednesday, September 13, at the Datto Offices, 101 Merritt 7, in Norwalk, Connecticut. Pre-registration is required.

Attendees will have an opportunity to gain a comprehensive understanding of the latest cybersecurity threats and vulnerabilities, discover effective strategies for securing remote and hybrid work environments, learn about cutting-edge technologies and tools to enhance cyber resilience, network with industry professionals, thought leaders and peers, and hear case studies and real-world examples that illustrate the tangible impact of cybersecurity measures on their bottom line.

Confirmed presenters include James Baker, Digital Forensic and Incident Response Manager Westport Police Department and Adjunct Professor at Fairfield University; Suzanne Malloy Zaleski, Malloy Insurance; Michael DePalma, Vice President, North America, Datto; and Larry Szebeni, Chief Operating Officer, Apex Technology Services.

Attendees will leave the free seminar with tools and strategies to proactively address cybersecurity challenges of the hybrid work era, protecting businesses’ vital assets and reputations against threats.

Edited by Alex Passett

Apex Technology Services
Choose from comprehensive, affordable solutions for IT consulting, network services and computer help desk support in Fairfield county including Norwalk, Darien, Stamford, Greenwich, Ridgefield and Bridgeport. Also Westchester county including Rye, New Rochelle, White Plains, Yonkers and New York including Manhattan and the five boroughs.


Apex Technology Services is a cutting edge MSP offering quality IT support to financial, medical, legal, Fortune 500 and government agencies while adhering to the highest of quality...



Apex Technology Services has the cybersecurity expertise to help your business in a world filled with attackers looking to shut down your business hold it ransom or steal your valuable...



Apex Technology Services delivers a combination of traditional IT functions such as infrastructure as a service (IaaS), applications, software, security, monitoring, storage...


Ranked Top 10 Network security Solution Provider

One Stop Shop For All Your Technology Needs

Contact us Now!