cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Government contractor Maximus hit by MOVEit hack, millions affected

US-based government services company Maximus has disclosed that a large amount of personal data has been compromised as part of the MOVEit third-party file transfer hack.

user icon David Hollingworth
Fri, 28 Jul 2023
Government contractor Maximus hit by MOVEit hack, millions affected
expand image

The company revealed the details of the incident in a filing to the US Securities and Exchange Commission.

After an investigation of its use of the MOVEit software, Maximus believes that at least 8 to 10 million people have had their data stolen by the threat actor behind the hack, the Clop ransomware gang. The affected data includes social security numbers, protected health data, and other personal information.

The company has said, however, that the hack has not impacted its internal networks, nor any data not transferred via the MOVEit software. Maximus’ day-to-day operations have also not been impacted.


Nonetheless, the company expects the incident to cost at least US$15 million. However, investigations are ongoing, and more data may have been affected.

“The company’s review of impacted files is ongoing,” Maximus said in its disclosure, “and the company is unable to predict the total number of impacted individuals who will receive notice of the incident until that review is completed, which we expect will not be for several more weeks”.

Maximus is currently working with law enforcement to investigate the incident.

The company itself is headquartered in the US state of Virginia but has offices all around the world, including in Australia, where it operates under the name Max Solutions.

Max Solutions operates as a key employment provider – Max Employment is, in fact, Australia’s largest employment provider. It works with ParentsNext and Employment Victoria, as well as the NDIS. The company also operates in the healthcare sector and education. Thankfully, the local operation does not use the MOVEit software.

"MAX Solutions does not use the MOVEit platform in Australia," Darren Hooper, country manager for Max, "and as a result, no MAX customers were impacted."

Updated on August 1 2023.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.