The list of organizations affected by the MOVEit Transfer breach continued to grow as reporting tied additional victims to the mass exploitation campaign against the managed file-transfer platform. The incident was widely linked to the Clop ransomware and extortion operation, which exploited a zero-day flaw in MOVEit to steal data from enterprises and institutions that used the software to exchange sensitive files.
The expanding victim count underscored the broad downstream impact of third-party file-transfer compromises, with exposed data reportedly affecting banks, businesses, government entities, and other organizations connected to breached MOVEit deployments. The campaign highlighted how a single vulnerability in a widely used transfer product can rapidly become a large-scale supply-chain-style data theft event, forcing incident response, disclosure, and regulatory scrutiny across multiple sectors.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
1 event from the most recent confirmed update back to the earliest known activity.
A July 2023 report said the list of organizations affected by the MOVEit hack was still growing, indicating ongoing disclosure of additional victims tied to the campaign. The reference attributes this update to Bank Info Security reporting on the expanding impact.
1 reference tracked. Mallory keeps watching after this page renders.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.