Sovos Compliance Notifies 18k+ Individuals that MOVEit Data Breach Leaked Their SSNs

Richard Console, Jr.
Console and Associates, P.C.
Contact
LinkedIn
Facebook
X
Send
Embed

On July 12, 2023, Sovos Compliance LLC filed a notice of data breach with the Attorney General of Maine after discovering that MOVEit, a file transfer software used by Sovos, contained a critical vulnerability allowing an unauthorized party to download confidential consumer data provided to Sovos. In this notice, Sovos explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names and Social Security numbers. Upon completing its investigation, Sovos began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you received a data breach notification from Sovos Compliance LLC, it is essential you understand what is at risk and what you can do about it. As we’ve previously discussed in other posts, hackers can use your Social Security number to orchestrate a range of frauds against you, most notably identity theft. However, there are certain steps you can take to minimize the risk of identity theft following a data breach. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft as well as discuss your legal options following the Sovos Compliance data breach.

What Caused the Data Breach Affecting Sovos Compliance?

The Sovos Compliance data incident was only recently announced, and more information is expected in the near future. However, Sovos’ filing with the Attorney General of Maine provides some important information on what led up to the breach. According to this source, Sovos uses a file-transfer software called MOVEit to deliver unclaimed property services to its clients.

On May 31, 2023, Progress Software, the creator of MOVEit, announced a previously unknown vulnerability in its MOVEit product. Evidently, this vulnerability allowed unauthorized parties to access and download information in certain companies’ MOVEit servers, including Sovos’. On May 30, 2023, Sovos determined that unauthorized actors exploited the MOVEit vulnerability to download a file containing confidential information that had been provided to Sovos.

After learning that sensitive consumer data was accessible to an unauthorized party, Sovos Compliance reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name and Social Security number.

On July 12, 2023, Sovos Compliance sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of which information of theirs was compromised.

More Information About Sovos Compliance LLC

Founded in 1979, Sovos Compliance LLC is a financial software company based out of Wilmington, Massachusetts. Sovos creates software solutions for tax determination, continuous transaction control compliance, and tax & regulatory reporting. Sovos Compliance employs more than 2,400 people and generates approximately $504 million in annual revenue.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.
Console and Associates, P.C.
Contact
more
less

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide