{
	"id": "78382b67-45ce-43d0-a16a-dc9855f80801",
	"created_at": "2026-04-06T00:22:36.469019Z",
	"updated_at": "2026-04-10T03:21:30.369655Z",
	"deleted_at": null,
	"sha1_hash": "738798525d80e2d5a263ef466e64aef13b29cf18",
	"title": "Colorado warns 4 million of data stolen in IBM MOVEit breach",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 3456834,
	"plain_text": "Colorado warns 4 million of data stolen in IBM MOVEit breach\r\nBy Bill Toulas\r\nPublished: 2023-08-14 · Archived: 2026-04-05 17:03:56 UTC\r\nImage: Midjourney\r\nThe Colorado Department of Health Care Policy \u0026 Financing (HCPF) is alerting more than four million individuals of a\r\ndata breach that impacted their personal and health information.\r\nColorado HCPF is a state government agency that manages the Health First Colorado (Medicaid) and Child Health Plan Plus\r\nprograms, and provides support for low-income families, the elderly, and citizens with disabilities.\r\nThe data breach was possible after Clop ransomware exploited the MOVEit Transfer zero-day (CVE-2023-34362) in a\r\nhacking campaign that impacted hundreds of organizations worldwide.\r\nHCPF clarifies that while their systems weren't directly compromised, the data exposure occurred through IBM, their\r\ncontractor, which utilized the MOVEit software.\r\nhttps://www.bleepingcomputer.com/news/security/colorado-warns-4-million-of-data-stolen-in-ibm-moveit-breach/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/colorado-warns-4-million-of-data-stolen-in-ibm-moveit-breach/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\n\"After IBM notified HCPF that it was impacted by the MOVEit incident, HCPF launched an investigation right away to\r\nunderstand whether the incident impacted its own systems, and to determine whether Health First Colorado or CHP+\r\nmembers' protected health information was accessed by an unauthorized party,\" reads the notice.\r\n\"While HCPF confirmed that no other HCPF systems or databases were impacted, on June 13, 2023, the investigation\r\nidentified that certain HCPF files on the MOVEit application used by IBM were accessed by the unauthorized actor on or\r\nabout May 28, 2023\" - Colorado Department of Health Care Policy \u0026 Financing\r\nThe investigation revealed that the threat actors managed to access and likely exfiltrated files that contained certain Health\r\nFirst Colorado and CHP+ members' information, including:\r\nFull names\r\nSocial Security Numbers (SSNs)\r\nMedicaid ID number\r\nMedicare ID number\r\nDate of Birth\r\nHome address\r\nContact information\r\nIncome information\r\nDemographic data\r\nClinical data (diagnosis, lab results, treatment, medication)\r\nHealth insurance information\r\nThe above data can be utilized to launch effective phishing or social engineering attacks, and can help with identity or bank\r\nfraud activity.\r\nIn total, data of 4,091,794 people has been exposed. For all individuals that received the data breach notification, HPCF\r\nprovides two years of credit monitoring services via Experian to help counteract fraud attempts.\r\nThis disclosure comes only a week after another large state organization in Colorado, the Department of Higher Education\r\n(CDHE), disclosed that a massive data breach caused by a ransomware attack had impacted a large number of students and\r\nteachers.\r\nThe CDHE said the threat actors leveraged the stolen data to perform double extortion and encrypted network computers;\r\nhowever, it did not clarify how the hackers obtained access to the network.\r\nIn July 2023, the Colorado State University disclosed a data breach resulting from its use of the vulnerable MOVEit Transfer\r\nsoftware, impacting tens of thousands of students and academic staff.\r\nhttps://www.bleepingcomputer.com/news/security/colorado-warns-4-million-of-data-stolen-in-ibm-moveit-breach/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/colorado-warns-4-million-of-data-stolen-in-ibm-moveit-breach/\r\nhttps://www.bleepingcomputer.com/news/security/colorado-warns-4-million-of-data-stolen-in-ibm-moveit-breach/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/colorado-warns-4-million-of-data-stolen-in-ibm-moveit-breach/"
	],
	"report_names": [
		"colorado-warns-4-million-of-data-stolen-in-ibm-moveit-breach"
	],
	"threat_actors": [],
	"ts_created_at": 1775434956,
	"ts_updated_at": 1775791290,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/738798525d80e2d5a263ef466e64aef13b29cf18.pdf",
		"text": "https://archive.orkl.eu/738798525d80e2d5a263ef466e64aef13b29cf18.txt",
		"img": "https://archive.orkl.eu/738798525d80e2d5a263ef466e64aef13b29cf18.jpg"
	}
}