Philips Data Breach

Bertha deBlues
Posts: 314
Joined: Sun Aug 20, 2017 8:36 am

Philips Data Breach

Post by Bertha deBlues » Fri Jan 19, 2024 1:24 pm

I got a letter today from Philips saying that they were "notified on June 5, 2023 of a security vulnerability in a data transfer tool." The good news is that I can now get a free one-year membership in something called Experian Identity Works Credit 3B. I'll have to look into this further before signing up.
And in the end the love you take is equal to the love you make. - Paul McCartney

Pugsy
Posts: 64098
Joined: Thu May 14, 2009 9:31 am
Location: Missouri, USA

Re: Philips Data Breach

Post by Pugsy » Fri Jan 19, 2024 2:08 pm

Be very careful.
I got something similar from Experian a couple of weeks ago and the big red flag was the "data breach" warning was pertaining to a company I never have done business with.
I assumed a fancy phishing attempt from Experian and it went into the trash. How can there be a data breach with a company I have never had anything to do with???

_________________
Machine: AirCurve™ 10 VAuto BiLevel Machine with HumidAir™ Heated Humidifier
Additional Comments: Mask Bleep Eclipse https://bleepsleep.com/the-eclipse/
I may have to RISE but I refuse to SHINE.

If you want to try the Eclipse mask and want a special promo code to get a little off the price...send me a private message.

Bertha deBlues
Posts: 314
Joined: Sun Aug 20, 2017 8:36 am

Re: Philips Data Breach

Post by Bertha deBlues » Fri Jan 19, 2024 2:20 pm

Yes, I decided not to jump on it until I know it's legit. I found this on the Philips website under Security:

Publication Date: 2023 June 7

Update Date: 2023 July 10

Philips is currently monitoring developments and updates related to an observed wide exploitation of a zero-day vulnerability in the MOVEit Transfer secure managed file transfer software for subsequent data theft. These vulnerabilities were announced by Progress Software Corporation and have been assigned CVE-2023-34362 and CVE-2023-35036.

According to open source information, beginning on May 27, 2023, CL0P Ransomware Gang, also known as TA505, began exploiting a previously unknown SQL injection vulnerability (CVE-2023-34362) in Progress Software's managed file transfer (MFT) solution known as MOVEit Transfer. Internet-facing MOVEit Transfer web applications were infected with a web shell named LEMURLOOT, which was then used to steal data from underlying MOVEit Transfer databases.

As part of the company’s product security policy and protocols, Philips’ teams are evaluating Philips’ products and solutions for potential impacts from these reported vulnerabilities and validating actions.

Philips is committed to ensuring the safety, security, integrity, and regulatory compliance of our products to be deployed and to operate within Philips approved product specifications. Therefore, in accordance with Philips’s policy and regulatory requirements, all changes of configuration or software to Philips’ products (including operating system security updates and patches) may be implemented only in accordance with Philips product-specific, verified & validated, authorized, and communicated customer procedures or field actions.

Contract-entitled customers may use Philips InCenter and are encouraged to request Philips InCenter access and reference product-specific information posted. If customers still have questions, all customers (contract-entitled or otherwise) are encouraged to contact their local service support team or regional product service support as appropriate for up-to-date information specific to their Philips’ products.

Philips is providing the list below to better assist our customers in identifying any Philips’ products that could be impacted. To the best of our knowledge, the list is complete, and products not listed should be considered not impacted. Philips reserves the right to update the list as necessary if additional products are identified.

Encore Anywhere [1]

Care Orchestrator [1]

For all above products Philips is evaluating the best possible mitigations.

[1] Product has been patched against this exploit.

Note:
For customers who utilize the Philips Remote Services Network (RSN, PRS), all Philips RSN systems are protected against this vulnerability and customers are advised not to disconnect the PRS as it may impact Philips’s service teams from providing any required immediate and proactive support such as remote patching.
And in the end the love you take is equal to the love you make. - Paul McCartney

Conrad
Posts: 509
Joined: Mon Jul 30, 2012 9:10 am
Location: Northern Illinois

Re: Philips Data Breach

Post by Conrad » Sat Jan 20, 2024 8:27 am

I received the same letter from Philips.

At first, I thought that it had something to do with the payout on the recalled machines, but no, another screw-up related to Philips. Imagine that?
ResMed AirCurve 10 Vauto Swift FX

Do not regret growing older. It is a privilege denied to many...

amenite
Posts: 484
Joined: Sat Jan 31, 2015 7:02 pm

Re: Philips Data Breach

Post by amenite » Sat Jan 20, 2024 8:58 am

Conrad wrote:
Sat Jan 20, 2024 8:27 am
I received the same letter from Philips.

At first, I thought that it had something to do with the payout on the recalled machines, but no, another screw-up related to Philips. Imagine that?
This one does not appear to be on Philips, unless they failed to patch things up after this third party software defect was identified in 2023. Zero day exploits occur all the time, in back end systems that people have never heard of, all over the place. It might be more constructive to consider all the places where vulnerabilities exist and the vendor *is not* notifying you.

Pugsy
Posts: 64098
Joined: Thu May 14, 2009 9:31 am
Location: Missouri, USA

Re: Philips Data Breach

Post by Pugsy » Sat Jan 20, 2024 9:21 am

About a year or so ago I got a letter from my healthcare provider system alerting me to a data breach of their system and they just told me to watch things and be careful.
Then about 3 or 4 months later I got a phone call from a collection agency (they said) and wanted me to pay a $7,000 bill to a hospital where they said I was treated and hospitalized.
Fine and dandy except I hadn't been hospitalized at all and especially in a hospital (I asked the name of the supposed hospital) and there was no such hospital at all.

Scammer pure and simple...and they got an earful of some very colorful unladylike language. :lol: :lol:

I have no doubt that the scam phone call came from information gleaned from the data breach of my healthcare system.
Sneaky little bastards.

_________________
Machine: AirCurve™ 10 VAuto BiLevel Machine with HumidAir™ Heated Humidifier
Additional Comments: Mask Bleep Eclipse https://bleepsleep.com/the-eclipse/
I may have to RISE but I refuse to SHINE.

If you want to try the Eclipse mask and want a special promo code to get a little off the price...send me a private message.

amenite
Posts: 484
Joined: Sat Jan 31, 2015 7:02 pm

Re: Philips Data Breach

Post by amenite » Sat Jan 20, 2024 9:36 am

They only need to hit on a tiny percentage of people who fall for it in order for it to remain profitable for them. Thus it will never end.

Lock down your credit profiles with Experian, Equifax, TransUnion, and don't forget Innovis. Then lock down your ChexSystems profile information. And maybe sign up for Informed Delivery from the post office in case someone is trying to re-route your mail.

Bertha deBlues
Posts: 314
Joined: Sun Aug 20, 2017 8:36 am

Re: Philips Data Breach

Post by Bertha deBlues » Sat Jan 20, 2024 9:52 am

amenite wrote:
Sat Jan 20, 2024 9:36 am
They only need to hit on a tiny percentage of people who fall for it in order for it to remain profitable for them. Thus it will never end.

Lock down your credit profiles with Experian, Equifax, TransUnion, and don't forget Innovis. Then lock down your ChexSystems profile information. And maybe sign up for Informed Delivery from the post office in case someone is trying to re-route your mail.
Good advice. I was not aware of the MOVEit breach until now. It has affected numerous organizations - educational, medical, business, governmental, etc. Philips was only one of many affected.

I signed up for the one-year Experian membership.
And in the end the love you take is equal to the love you make. - Paul McCartney

chunkyfrog
Posts: 34416
Joined: Mon Jul 12, 2010 5:10 pm
Location: Nebraska--I am sworn to keep the secret of this paradise.

Re: Philips Data Breach

Post by chunkyfrog » Tue Jan 23, 2024 9:33 am

amenite wrote:
Sat Jan 20, 2024 9:36 am
They only need to hit on a tiny percentage of people . . .
This is why they TARGET the elderly. (or elder-ish)
Stiinkers!
[[[Can this be prosecuted as SENIOR ABUSE?]]]
(Legal eagles--I'm talking to YOU!)
Maybe a really big class action against these no-class bastards!

_________________
Mask: AirFit™ P10 For Her Nasal Pillow CPAP Mask with Headgear
Additional Comments: Airsense 10 Autoset for Her

Conrad
Posts: 509
Joined: Mon Jul 30, 2012 9:10 am
Location: Northern Illinois

Re: Philips Data Breach

Post by Conrad » Thu Jan 25, 2024 9:06 am

chunkyfrog wrote:
Tue Jan 23, 2024 9:33 am
amenite wrote:
Sat Jan 20, 2024 9:36 am
They only need to hit on a tiny percentage of people . . .
This is why they TARGET the elderly. (or elder-ish)
Stiinkers!
[[[Can this be prosecuted as SENIOR ABUSE?]]]
(Legal eagles--I'm talking to YOU!)
Maybe a really big class action against these no-class bastards!
The problem is, and it's a BIG problem, ID'ing the bastards.
ResMed AirCurve 10 Vauto Swift FX

Do not regret growing older. It is a privilege denied to many...