The Colorado Department of Health Care Policy & Financing (HCPF) is the latest victim of a third-party attack by Russia’s Cl0p ransomware group in connection with the MOVEit Managed File Transfer platform. Department officials say that the group stole the personal health data of about 4 million members of state health programs from IBM-managed systems.
Ron Arden, CTO of Fasoo, commented on how using data-centric security could minimize any impact of the attack, since hackers could not read any data they exfiltrated.