On July 26, 2023, Hillsborough County reported a significant data breach to the U.S. Department of Health and Human Services Office for Civil Rights. The breach, which involved the MOVEit file transfer tool, potentially put the personal data of local residents in jeopardy. According to the report filed by Hillsborough County, an unauthorized third party was able to access an array of consumers’ sensitive information. This includes but is not limited to first and last names, social security numbers, and dates.
While the full extent of the breach remains to be determined, the current estimate betrays that the breach could impact more than 70,000 individuals. As a dependable mode of digital file transfer, corporations and individual users worldwide utilize MOVEit. This recent breach testifies to the continued vulnerability of data in digital landscapes, even when protected by widely trusted secure transfer services.
Legal professionals operating in large corporations or law firms should take note of this breach for a twofold reason. Firstly, the incident underscores the urgent need for robust data protection measures across industries. Secondly, considering the prevalence of MOVEit usage, law firms and corporations must undertake an immediate re-evaluation of security protocols, reinforcing weak points where necessary.
In the wake of this incident, data privacy and cybersecurity have once again come to the forefront as areas of legal interest and concern. Legal teams across boardrooms will have to reassess the liabilities and course of action in the event of such breaches. Given data’s increasing value in the contemporary world, its protection cannot be secondary.
For further insights and to understand the wider implications of this breach, read the full report here.