Millions of Americans had their sensitive medical and health information stolen after hackers exploiting a zero-day vulnerability in the widely used MOVEit file transfer software raided systems operated by tech giant IBM.
Colorado’s Department of Health Care Policy and Financing (HCPF), which is responsible for administering Colorado’s Medicaid program, confirmed on Friday that it had fallen victim to the MOVEit mass-hacks, exposing the data of more than four million patients.
In a data breach notification to those affected, Colorado’s HCPF said that the data was compromised because IBM, one of the state’s vendors, “uses the MOVEit application to move HCPF data files in the normal course of business.”
The letter states that while no HCPF or Colorado state government systems were affected by this issu …
