
Cierant Corporation, an American marketing software and services company, reported a significant data security incident caused by the exploitation of a vulnerability in a third-party file transfer tool, Cleo VLTrader.
In a data security incident notice published on its website, Cierant Corporation said that on December 10 it detected a vulnerability in the VLTrader file transfer application: an unrestricted file upload and download flaw that threat actors were actively exploiting.
Cierant said it immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.
“The investigation determined that an unauthorised actor exploited the third-party vulnerability to gain limited access to Cierant systems that may have compromised personal or health data. This personal data was processed by Cierant on behalf of third-party health plans – Cierant notified and then worked with these health plans to identify and notify potentially affected individuals,” Cierant said.
The compromised data included names, addresses, dates of birth, treatment-related dates, a generic description of services received, provider names, medical record numbers, health plan beneficiary numbers, claims numbers, and plan member account numbers.
The incident was reported to the U.S. Department of Health and Human Services Office for Civil Rights, where Cierant said it had identified at least 232,506 individuals impacted by the incident.
While Cierant found no evidence of the compromised information being misused, it advised all affected individuals to regularly monitor their credit reports and their account and benefit statements, and to report any suspicious activity to law enforcement authorities, including the police and the state attorney general.
The Clop ransomware group had claimed responsibility for exploiting the critical vulnerability in the Cleo VLTrader file transfer application, revealing that exploiting this weakness had allowed it to breach multiple corporate networks, potentially compromising sensitive data and causing widespread disruption across affected organisations.
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543