Was your personal information exposed in the 2023 MOVEit data breach? You may be entitled to compensation for Progress Software’s failure to adequately protect your sensitive information from hackers. Fill out the form to find out your rights »

Case Status
Active
Court
U.S. District Court for the District of Maryland
U.S. District Court for the District of Massachusetts
U.S. District Court for The Southern District of New York
U.S. District Court for The District of Oregon
U.S. District Court for the Western District of Washington
Case Number
1:23-cv-12067, 1:23-cv-07822-LAK, 2:23-cv-01354, 1:23-cv-12015, 1:23-cv-12010, 1:23-cv-11984, 3:23-cv-01259-YY, 1:23-cv-11939, 1:23-cv-11864, 1:23-cv-11782, 1:23-cv-01933-JMC, 1:23-cv-11412, 1:23-cv-12157, 1:23-cv-12156, 1:23-cv-12192, 1:23-cv-12203, 1:23
Defendant(S)
Bank of America
Brighthouse Financial Inc.
Continental Casualty Company
Corebridge Financial
F&G Annuities
Fidelity Investments
Foresters Financial Holding Company Inc.
International Business Machines Corporation D/B/A IBM
Massachusetts EOHHS
MassMutual Ascend Life Insurance Company
Maximus Federal Services Inc.
Milliman Inc. D/B/A Milliman Intelliscript
Milliman Solutions LLC
Pension Benefit Information, LLC D/B/A PBI Research Services
Performance Health Technology Ltd
Progress Software Corporation
Sun Life And Health Insurance Company
Talcott Resolution Life and Annuity Insurance Company
Talcott Resolution Life Insurance Company
TD Ameritrade Inc.
Teachers Insurance and Annuity Association Of America
The Johns Hopkins Health System Corporation
The Johns Hopkins University
The Independent Order Of Foresters D/B/A Foresters Financial
The Prudential Insurance Company of America
Trillium Community Health Plan Inc.
University of Massachusetts Chan Medical School
File Date

WHAT’S THE ISSUE?

In June 2023, hackers discovered a security vulnerability in MOVEit, a managed file transfer software owned by Progress Software, which they exploited to steal highly sensitive personal data from more than 600 organizations worldwide. It is estimated that 40 million people have been impacted by this data breach, which has compromised the data of more than 30 educational institutions, hundreds of companies and even some government agencies.

HOW DO I KNOW IF I’M AFFECTED?

If you have received a data breach notification letter, you may be impacted, and you can fill out the form to find out your rights. The data breach impacted hundreds of organizations, including at least 30 colleges and universities and Teachers Insurance and Annuity Association of America (TIAA), a financial services provider. Reports say that “the majority of schools” in the U.S. were likely affected by the data breach. Banks, manufacturing firms, airlines and other companies have also been impacted, exposing the data of millions of people around the country to hackers.

WHAT INFORMATION WAS STOLEN?

The hundreds of organizations impacted by the MOVEit data breach collected the following sensitive data from millions of people around the country:

  • Contact information
  • Dates of Birth
  • Social security numbers
  • Pension information
  • Medical records
  • Billing data
  • Banking information

MORE ABOUT THE MOVEit DATA BREACH

MOVEit is a software that organizations use to store, manage and distribute information, ostensibly securely. According to reports, because many of the organizations impacted by the data breach were handling data on behalf of others — as in the case of TIAA — who in turn got that data from third parties, the security vulnerability discovered in the MOVEit software allowed hackers to slip past the defenses of a vast, interconnected web of companies and institutions. New data breach impacts are still emerging, and the list of affected organizations continues to grow.

DATA BREACH IMPACTS

The estimated 40 million people whose data was stolen in the data breach must now take steps to protect themselves and mitigate the damages caused by the data breach. According to reports, identity theft is the most common consequence of a data breach and happens to about 65% of data breach victims. Consumers lost more than $56 billion to identity theft and fraud in 2020 alone, and over 75% of identity theft victims reported emotional distress.

Because Progress Software and many of the organizations that used MOVEit did not take the necessary steps to ensure that consumer data was adequately protected, victims of the 2023 data breach will be forced to take all steps possible to mitigate damages caused by the breach. 

LAWSUITS FILED

Hagens Berman has filed multiple lawsuits against Progress, PBI Research Services and other companies that are responsible for mishandling your sensitive personal data. As new facts continue to emerge, our consumer rights attorneys are pursuing every avenue to justice for the more than 40 million people impacted by the MOVEit data breach.

YOUR CONSUMER RIGHTS

Progress Software advertised that files transferred using MOVEit would be done so securely. Yet the personal information of millions of people around the country was compromised by a single vulnerability in this widely used software, putting them at high risk for identity theft and ongoing fear of financial and personal anguish. Hagens Berman believes that consumers deserve swift and just action for the negligence of Progress Software and other organizations involved in the 2023 data breach. The firm will investigate Progress Software and other organizations for negligence and violations of state and federal laws, and seeks to secure financial relief for the many consumers impacted by the breach.

TOP CONSUMER RIGHTS FIRM

Hagens Berman is one of the most successful consumer protection law firms in the U.S. and has achieved more than $325 billion in settlements against some of the nation's most powerful corporations and institutions. Hagens Berman is currently one of a select few firms chosen to finalize a settlement with T-Mobile for its 2021 data breach, in which the mobile carrier has agreed to pay $350 million into a settlement fund for customers.

NO COST TO YOU

There is no cost or fee whatsoever involved in joining this action. In the event Hagens Berman or any other firm obtains a settlement that provides benefits to class members, the court will decide a reasonable fee to be awarded to the class's legal team. In no case will any class member ever be asked to pay any out-of-pocket sum.

CASE TIMELINE

Complaint Filed Against Progress, PBI & Brighthouse
Complaint Filed Against Progress, PBI & Sun Life
Complaint Filed Against Progress, Massachusetts EOHHS & UMass Chan
Complaint Filed Against Progress, PBI & Continental Casualty
Complaint Filed Against Progress, PBI & MassMutual
Complaint Filed Against Progress & TD Ameritrade
Complaint Filed Against Progress, PBI, Fidelity, Bank of America, F&G Corebridge
Complaint Filed Against Progress, PBI & TIAA
Complaint Filed Against Progress, PBI, Milliman, Intelliscript & Foresters
Complaint Filed Against Progress & IBM
Complaint Filed Against Progress, PBI & Prudential
Complaint Filed Against Progress
Complaint Filed Against Progress & Maximus
Complaint Filed Against Progress, PBI & Talcott
Complaint Filed Against Progress and PBI (CalPERS)
Complaint Filed Against Progress and Johns Hopkins
Complaint Filed Against Progress and PBI (Genworth)
Complaint Filed Against Progress

Hagens Berman purchases advertisements on search engines, social media sites and other websites. Transmission of the information contained or available through this website is not intended to create, and receipt does not constitute, an attorney-client relationship. If you seek legal advice or representation by Hagens Berman, you must first enter a formal agreement. All information contained in any transmission is confidential and Hagens Berman agrees to protect information against unauthorized use, publication or disclosure. This site is regulated by the Washington Rules of Professional Conduct.