Six Additional Companies Impacted by Sovos Compliance Data Breach Related to MOVEit Vulnerability

Console and Associates, P.C.

On September 22, 2023, Sovos Compliance LLC (“Sovos”) filed another notice of data breach on behalf of multiple companies affected by a data breach at Sovos involving the MOVEit file transfer application. In this notice, Sovos explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names and Social Security numbers. The affected companies include UBS Financial Services Inc, Atlantic Shareholder Services, Patelco Credit Union, Bangor Savings Bank, Pan-American Life Insurance Group, Inc. and Celink. Upon completing its investigation, Sovos began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you received a data breach notification from Sovos Compliance LLC mentioning information you provided to one of the above-listed companies, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Sovos Compliance / MOVEit data breach. For more information, please see our recent piece on the topic here.

The Details of the Sovos MOVEit Data Breach

The Sovos Compliance / MOVEit data breach was only previously announced; however, Sovos continues to add additional victims. Sovos’ Sept. 22, 2023 filing with the Attorney General of Maine provides information pertaining to the latest update.

According to this source, the incident involved Sovos’ use of MOVEit, which is a file-transfer application created by Progress Software that Sovos uses throughout the normal course of business. However, on May 31, 2023, Sovos learned that MOVEit contained a critical vulnerability that allowed hackers to gain access to confidential information stored in Sovos’ MOVEit environment. And because Sovos is a vendor to other companies, Sovos accepts confidential consumer information from the other entities it does business with.

Specifically, this notice of data breach pertains to the following organizations:

  • UBS Financial Services Inc
  • Atlantic Shareholder Services
  • Patelco Credit Union
  • Bangor Savings Bank
  • Pan-American Life Insurance Group, Inc.
  • Celink

After learning that sensitive consumer data was accessible to an unauthorized party, Sovos Compliance reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name and Social Security number.

On September 22, 2023, Sovos Compliance sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.

More Information About Sovos Compliance LLC

Founded in 1979, Sovos Compliance LLC is a financial software company based out of Wilmington, Massachusetts. Sovos creates software solutions for tax determination, continuous transaction control compliance, and tax & regulatory reporting. Sovos Compliance employs more than 2,400 people and generates approximately $504 million in annual revenue.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide