Amazon Confirms Employee Data was Exposed After MOVEit Supply Chain Breach
19 November 2024
Supply chain vulnerability highlights the long-lasting impact of breaches and that companies of all sizes are being targeted
Over 2,600 organisations were impacted when MOVEit, the file transfer service from Progress Software, was targeted by a ransomware gang. The attack initially took place in May 2023, but the impact of the breach is still hurting companies today.
Amazon has, for example, announced in the last few days that employee data has been leaked online and confirmed that it was taken during the MOVEit breach. This latest update on the major incident highlights the long-lasting impact of a breach and that companies of all sizes are under threat from supply chain attacks, as Steven Harris, Cyber Threat Analyst at Protection Group International (PGI), explains:
“When the MOVEit breach was first exposed in 2023 it was very quickly apparent the huge number of companies across the globe which had been impacted. The headlines were full of well-known companies who had lost data and the potential impact of the ransomware demands.
“The fact that so many well-known companies such as Amazon, Shell, Ernst and Young, BBC, British Airways and Deutsche Bank, as well as many Government and educational organisations were impacted highlights that organisations of all sizes are vulnerable to supply chain hacks.
“The main issue is that no matter the amount of money spent on frontline defences, if third parties within your supply chain have vulnerabilities you face a significantly increased risk of being impacted by cybercrime, even though the attack is not on your own systems. The lesson is that no one should consider themselves too big or too well protected by frontline defences to be impacted by a supply chain attack.
“The other factor from Amazon’s recent announcement is the timeframe in which these breaches impact companies. It is over a year since the news broke of the MOVEit hack and yet data is still being held by cybercriminals and being released onto the web. Even after the headlines have died down, companies are continuing to struggle with the impact of a hack.
“Organisations need capacity to monitor and detect breaches and threat actor activity. If detected early or a vulnerability identified within your supply chain the threat can be neutralised. However, even for the largest companies this is often seen outside of the traditional defensive scope with most companies unable to offer enough resources or expertise.
“However, some are turning to consultancies that can provide the necessary expertise and resource that allow companies to identify breaches and possible vulnerabilities within supply chains in a timely manner. Undoubtedly cybercriminals are going to continue targeting supply chains, bypassing stronger frontline defences to get their hands on data and systems. Companies have to be more aware of the threat that resides within their partners and react to possible threats quickly.
“Without this in place not only are companies facing damaging headlines in the immediate aftermath of a breach, but a long-term problem with data exposure and ongoing regulatory issues,” Harris concludes.