On May 31, 2023, the State of Maine became aware of a software vulnerability in MOVEit, a third-party file transfer tool owned by Progress Software and used by thousands of entities worldwide to send and receive data. The software vulnerability was exploited by a group of cybercriminals and allowed them to access and download files belonging to certain agencies in the State of Maine between May 28, 2023, and May 29, 2023.
Importantly, as it pertains to the State, this incident was specific and limited to Maine’s MOVEit server and did not impact any other State networks or systems.
The State of Maine has determined that this incident has impacted approximately 1.3 million individuals, with the type of data affected differing from person to person.
What information Was Involved?
The specific information involved in this incident varies based on the individual and their association with the State. However, the following types of information may have been involved: name, Social Security number (SSN), date of birth, driver’s license/state identification number, and taxpayer identification number. In addition, for some individuals, certain types of medical information and health insurance information may be involved.
How Do I Find Out if My Information Was Involved?
Individuals are encouraged to contact Maine’s dedicated call center to find out if their data was involved or if they have questions about this incident. The phone number is (877) 618-3659, with representatives available from Monday to Friday, 9 AM to 9 PM ET. If it is determined that an individual’s Social Security number or taxpayer identification number is involved, the call center will provide the individual with a complimentary credit monitoring code.
(Complimentary for 2 years… so helpful but overall doesn’t help the fact if you information is sold on the dark web after that period, normally what happens, the states hands are washed)
Here is a link to the Maine.gov webpage with more information on the situation and what you can do.