## https://sploitus.com/exploit?id=C7711935-DE42-5DEF-81BF-8A27742E6DE6
# MOVEit Transfer 2023 Mass Data Breach
## Overview
This repository contains materials for a cybersecurity course final project analyzing the MOVEit Transfer 2023 mass data breach.
## Incident Details
- **Product:** MOVEit Transfer
- **Incident Date:** MayโJune 2023
- **CVE:** CVE-2023-34362
- **Attack Type:** SQL Injection โ Web Shell โ Data Exfiltration
- **Threat Actor:** Cl0p ransomware group
## Summary
In May 2023, a zero-day SQL injection vulnerability in the MOVEit Transfer managed file transfer application was exploited by attackers to gain unauthorized access to backend databases and exfiltrate sensitive data from hundreds of organizations worldwide.
## Course Relevance
This incident relates directly to course topics including:
- Web application security
- Input validation
- SQL injection
- Least-privilege access
- Secure software design
## Contents
- `/slides` โ Presentation slides used in the final video
- `README.md` โ Project overview and incident explanation
## References
- Progress Software Security Advisory
- CISA MOVEit Transfer Guidance
- Krebs on Security
- The Hacker News
- SecurityWeek
## Author
- **Name:** Your Name
- **edX Username:** your_edx_username
- **GitHub Username:** your_github_username# moveit-transfer-2023-breach
Case study of the 2023 MOVEit Transfer mass data breach (CVE-2023-34362)