Choice Hotels – the company that purchased global hotel chain Radisson Hotels last year – confirmed that guest records were involved in the data breach.
“Unfortunately, we have confirmed that MOVEit software, from our vendor, had a vulnerability that was exploited by bad actors, resulting in data breaches affecting many of their customers including Radisson Hotels Americas,” a spokesperson said.
“While our investigation is still ongoing, we have identified a limited number of guest records that were accessed by these bad actors. In an abundance of caution, we are in the process of notifying the affected guests.”
The hotel chain did not say how many guests have been identified so far. It operates more than 1,700 properties in 120 countries.
American National Insurance Company, one of the biggest in the U.S., also confirmed that Progress Software is one of its vendors and that an investigation has been started into what data may have been accessed by the Clop ransomware group – which has been the primary gang of hackers exploiting the MOVEit vulnerability and extorting victims.
“On July 7, 2023, we became aware that American National’s name has been listed on a website outside the confines of the public Internet. We are working as thoroughly and expeditiously as possible to validate and review any data that may have been impacted to determine if any individuals’ or organizations’ information was involved,” the company stated
“If we determine that an individual’s sensitive data was involved, we will provide notification to the individual along with resources to help protect their information.”
Sun Life, one of Canada’s largest insurance providers, said on Saturday that data belonging to some of its U.S. customers was compromised after one of its vendors — Pension Benefit Information (PBI) — had a server “accessed by an unauthorized third party as part of the global attack.”
There has been a steady stream of announcements from dozens of the biggest schools, banks and companies in the world confirming their exposure to the MOVEit issue – the third file transfer vulnerability exploited by the Clop ransomware group in the last two years.
The number has now reached 254, with the information of at least 17.7 million people exposed.
Ransomware attacks are no challenge to us at BLAKFX as we have set out to eliminate ransomware as a threat…Period.
Our mission for 2023 is to eliminate ransomware damage.
There is no organization in any sector that is safe from ransomware except those that utilize Helix22 data security SDK.
In Math We Trust
Ransomware Auditing as a Service (RaaS): as ransomware attacks have skyrocketed, they have come to represent the biggest threat to the data of government agencies, military, intelligence agencies as well as private enterprises. BLAKFX developed the first in the world Ransomware Auditing as a Service (RaaS) platform which allows our cyber security engineers to scan your network and simulate real-world ransomware attacks to test the prevention, detection and mitigation strategies of your organization and establish how resilient your network is to real ransomware attacks. After the scan we provide a comprehensive report and our recommendations for remediation.
If you are the victim of an actual ransomware attack, we are able to recover the data that has been hi-jacked during the attack and due to Helix22’s patented DNA BindingTM cryptography, restore it to its original state.
We can make this restoration claim as the tech engineers at BLAKFX invented and holds multi-patents on a genuine device2device (D2D) encryption. We manage data security transmission through the truly brilliant and also patented universal Helix22 key service. The Helix22 encryption originates on your network or device, not just when the app is opened. This means, that when data arrives to our key server, it is already encrypted so all it needs to do is issue another key. Signal and Telegram cannot claim this level of security. This key will then only work with the intended device, which generates a matching key required to open the data. In this protocol, we are truly a “zero-knowledge” server so your communications and transmissions remain completely top secret. Even in the event that BLAKFX were subpoenaed, we can honor the request by just handing over the encrypted content…as that is literally all we have. Helix22 also only use keys just one-time and then destroys them. This way the data security is future forward prefect. Therefore, in our unique device-to-device encryption (D2D) world, there is no opportunity at all for any data leak.
This same protocol just described, can be the same with all your 3rd party vendors and suppliers. It does not matter in the least what platform they are running or what device they are using or even the type of data, it is all 100% protected. We do however, strongly advise that all firms involved be utilizing Helix22 due to the nature of the data content. Helix22 can ensure that whatever data they are generating is protected as well.
Let’s take it a step further. Even if your organization were a victim of an internal attack or a victim of malicious open source downloads, there is no reason for concern. Any data that has been forwarded, downloaded, copied or saved cannot be exfiltrated. Period. We have the technology industries foremost data packets which are protected with multi-layered, military grade encryption algorithms that have already proven the ability to withstand penetration testing from MI5 and quantum computing attacks.
One final practical genius of DNA BindingTM is in that it is immediately compatible with whichever system or software you are utilizing. Therefore, any organization can forward information to another and then discuss it and there is immediate privacy.
Finally, the Helix22 encryption is quantum computing ready so no need to redo all your data security methodologies in a couple of years when everything else becomes obsolete.
In the BLAKFX data security world, ransomware or any other data centric attack cannot have any affect on your systems or data.
The Helix22 data security SDK accomplishes the following:
- Protects all your firms data at rest, in use and in transit
- Renders ransomware threats obsolete
- Eliminates human error
- Eliminates all malicious or interior attacks
- Verifies original content i.e. minimizes the threat of impersonation attacks and deep fakes
- Reduces latency
- Installs with 5 lines of code
- Runs on any platform, network, device and in any programming language i.e. Internet of Things enablement
- Provides perfect future/forward secrecy
- Delivers “zero-knowledge” encryption
- Perfect security when utilizing all SaaS products
- Compatible with all cloud, 3rd party and vendor services
- Secures the Internet of Things by providing protection at the Edge with ultra low latency
- Ensures privacy and security for blockchain and all cryptocurrency transactions
- Is quantum ready – so there’s no need to upgrade when the time comes
- Requires no employee training
- Exceeds all gov’t and banking standards
- Meets compliance regulations
BLAKFX is Based on Success
Our founders, Robert Statica PhD and Kara Coppa, also founded Wickr, which is used by the US military and has never been hacked since its inception in 2012. The Helix22 data security SDK is several generations enhanced since then. Dr. Statica also delivered the encryption for the world’s most secure phone, Katim.
Founder – Robert Statica PhD Founder – Kara Coppa
Co-Founders of Wickr KatimTM Ultra Secure Smartphone
Helix 22 – Zero Risk