We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

MOVEit Breach Exposes Medicaid Data in Missouri

MOVEit Breach Exposes Medicaid Data in Missouri
Author Image Keira Waddell
Keira Waddell Published on 15th August 2023 Former Senior Writer

The Missouri Department of Social Services (DSS) has issued a warning regarding a significant data breach involving Medicaid healthcare information. This breach comes as part of a series of attacks orchestrated by the Cl0p ransomware gang, with reports indicating that the gang stands to gain $75-100 million from its nefarious activities.

The breach targeted MOVEit file transfer software, a popular third-party tool used by the DSS. A zero-day vulnerability in the software, labeled CVE-2023-34362, was used to gain access to the sensitive health information of Medicaid participants. This vulnerability has been used to impact over 600 entities worldwide, spanning various industries and government agencies.

In a data breach notice posted last week, the Missouri Department of Social Services (DSS) revealed that although the security breach did not directly affect DSS systems, it did compromise data under the jurisdiction of DSS.

Patient information, including names, Department Client Numbers (DCNs), dates of birth, benefit eligibility status, coverage details, and medical claims, were accessed by unauthorized actors. The DSS emphasized that immediate actions have been taken to mitigate the impact and that investigations are ongoing.

The DSS is just the latest victim of many in a significant wave of data theft exploiting the MOVEit vulnerability. In Oregon, around 1.7 million residents' health information was compromised due to the MOVEit hacks. The Louisiana and Oregon Department of Motor Vehicles also fell victim to the same attacks, resulting in the theft of millions of state IDs.

The Cl0p ransomware gang's tactics have wreaked havoc globally, drawing attention to the vulnerabilities present in critical systems. IBM, the provider of MOVEit services, has taken steps to mitigate the impact of the breach and has ceased interaction with the affected systems.

As investigations continue, authorities recommend that affected individuals take measures to safeguard their financial security. Freezing credit and monitoring credit reports for suspicious activity are steps that can help mitigate the potential repercussions stemming from these significant breaches.

About the Author

Keira was a senior writer at vpnMentor. She is an experienced cybersecurity and tech writer dedicated to providing comprehensive insights on VPNs, online privacy, and internet censorship.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address