Our organization was one of the thousands affected by the MOVEit vulnerability. I want to share our response timeline and lessons learned to help others who may face similar situations.
Day 1: Received advisory about CVE-2023-34362. Immediately patched MOVEit servers.
Day 2: Forensic analysis revealed web shells had been deployed before our patch.
Days 3-5: Data impact assessment – determined 45,000 records were exfiltrated.