Delta Airlines and Amazon have recently confirmed that employee data was compromised by threat actors exploiting the MOVEit file transfer tool through a third-party vendor.

Delta reports that exposed data includes basic internal directory details—names, contact info, and office locations—with no highly sensitive personal data. Amazon similarly clarified that only work contact details were exposed, with core systems secure. Both companies emphasized that no Social Security numbers or financial information were affected, and the vendor has since patched the vulnerability.

This breach comes amid continued concerns about the MOVEit file transfer vulnerability, which initially made headlines in mid-2023 following widespread exploitation. Hackers took advantage of the vulnerability to access sensitive organizational data, ultimately affecting 2,773 organizations and exposing records for nearly 96 million individuals.

As a result, Progress Software, the creator of MOVEit, has faced over 100 lawsuits, and the Clop ransomware gang—linked to the incident—is believed to have earned between $75 and $100 million in ransoms.

Why It Matters: The MOVEit breach reveals just how devastating a single vulnerability can be when leveraged against major organizations worldwide. For companies like Delta and Amazon, the exposure of employee data—even if limited to contact details—opens the door to targeted phishing attacks, impersonation scams, and other sophisticated social engineering tactics that could undermine internal security. With nearly 96 million records exposed, the MOVEit breach, reveals the enduring risks of third-party vulnerabilities and how this exploit continues to be leveraged by threat actors long after its initial discovery.

• Data Exposed Through Vendor Breach: Delta and Amazon revealed that data was compromised through a MOVEit vulnerability at an unnamed third-party vendor. Delta confirmed internal directory data exposure without sensitive personal identifiers, while Amazon noted that work contact information for employees was affected.

• Renewed Threat of Data Leaks: The hacker “Nam3L3ss” has reportedly accessed additional data through the MOVEit breach, with plans to release extensive data sets from 25 organizations on the dark web. Security experts verified the legitimacy of the data, amplifying concerns around the residual threat of this incident.

• Long-Term Fallout of MOVEit Breach: Since the MOVEit vulnerability first surfaced, approximately 2,773 organizations have been impacted, and records for 96 million people have been exposed. The breach has led to widespread lawsuits and has cost affected organizations millions in ransoms and response efforts.

• Escalation of Cybersecurity Risks: Security experts warn that the data being released could facilitate cyber-attacks targeting employees through phishing and social engineering tactics. This data, including email addresses and organizational structures, offers cybercriminals a “goldmine” for exploiting organizational weaknesses.

Go Deeper -> Delta, Amazon Confirm Vendor Breach as Dark Web Posts Revive MOVEit Leak Concerns – The Record

Amazon Confirms Employee Data Stolen After Third-Party MOVEit Breach – Tech Radar