"8 Million People Hit by Data Breach at US Govt Contractor Maximus"
U.S. government services contractor Maximus has recently disclosed a data breach warning that hackers stole the personal data of 8 to 11 million people during the recent MOVEit Transfer data-theft attacks. Maximus is a contractor that manages and administers U.S. government-sponsored programs, including federal and local healthcare programs and student loan servicing. The company employs 34,300 people and has an annual revenue of about $4.25 billion, with a presence in the U.S., Canada, Australia, and the United Kingdom. After investigating the breach, Maximus found no indication that the hackers progressed further than the MOVEit environment, which the company noted was immediately isolated from the rest of the corporate network. However, this limited access was enough to compromise a large number of individuals to whom the firm is now sending data breach notifications. The company stated that based on the review of impacted files to date, they believe those files contain personal information, including social security numbers, protected health information, and/or other personal information, of at least 8 to 11 million individuals to whom the company anticipates providing notice of the incident. Maximus currently plans to record an expense of approximately $15 million for the quarter ending on June 30, 2023, representing the company's best estimate of the total cost of the investigation and remediation activities related to the incident.
BleepingComputer reports: "8 Million People Hit by Data Breach at US Govt Contractor Maximus"