A flaw was discovered in Progress MOVEit Transfer, a popular third-party online transfer application. By exploiting the flaw, attackers compromised multiple organizations, including U.S. Government agencies.
Honeywell is the recent victim of MOVEit Hackers as they gained Unauthorized access to a single MOVEit server.
Multinational firm Honeywell detected data that an unauthorized third party had accessed through the MOVEit app, including some personally sensitive information.
“Honeywell immediately launched an investigation upon learning of the vulnerability in Progress MOVEit Transfer, a third-party web transfer application used by many companies.
The investigation detected unauthorized access on a single MOVEit server”, Honeywell reports.
The company’s primary business sectors are aircraft, building technologies, performance materials and technologies (PMT), and safety and productivity solutions (SPS).
Around 97,000 workers worldwide worked for the company in 2022, down from 113,000 in 2019.
As necessary, the corporation is getting in touch with the impacted people, clients, and partners.
Unauthorized Access to Servers
“All of our systems are fully online, and this has had no impact on company operations. At this time, we do not expect that the unauthorized access on the MOVEit server we used will have a material impact on our business operations”, Honeywell said.
Additionally, the same Progress MOVEit vulnerability has affected certain Honeywell suppliers, and as a result, their data may have been affected.
Progress MOVEIt is the top secure Managed File Transfer (MFT) software. It is used by thousands of organizations across the world to give full visibility and control over file transfer activity.
MOVEit helps to satisfy compliance requirements, effortlessly assure the reliability of key business operations, and securely transmit sensitive data among partners, clients, users, and systems whether it is installed as-a-Service, in the Cloud, or locally.
The organization assesses the issue and takes necessary action as soon as one of these vendors reports that the data has been stolen.
The business claimed that its cybersecurity safeguards prevented the damage to this server and, before resuming service, completely patched and upgraded the Progress MOVEit app as soon as the provider’s updates were available.
“Our cybersecurity defenses limited the impact to this server and we fully patched and upgraded the Progress MOVEit app as soon as the patches were made available from the provider before restoring service”, the company said.
The company mentioned that they are in touch with certain law enforcement and regulatory agencies since the inquiry is still underway.
“We will assess and respond to any impacts as part of our ongoing investigation as we receive notification from suppliers that our data has been compromised,” the company stated.
“AI-based email security measures Protect your business From Email Threats!” – .
