Nebraska Bank Settles MOVEit Breach Lawsuit for $2.4 Million On March 4, 2026, a family-owned Nebraska bank agreed to a $2.4 million settlement to resolve a class-action lawsuit stemming from a 2023 MOVEit software breach that exposed customers’ personal data. The proposed settlement, seeking preliminary approval in the U.S. District Court for the District of Massachusetts, addresses claims that the bank failed to adequately protect sensitive information during the widespread cyberattack. The MOVEit breach, attributed to the Clop ransomware group, exploited a zero-day vulnerability in the file-transfer software, impacting thousands of organizations globally. The Nebraska bank was among the financial institutions affected, leading to the exposure of customer data, including names, Social Security numbers, and financial details. The settlement, if approved, would compensate affected individuals and cover legal fees, marking another financial repercussion for entities caught in the fallout of the MOVEit incident. The case underscores the ongoing legal and financial risks for organizations following large-scale cybersecurity breaches.

The Clop ransomware gang exploited a zero-day vulnerability in Oracle’s E-Business Suite, a critical enterprise software used for managing customer data, HR files, and corporate operations. The attack, active since at least July 10, allowed hackers to steal significant amounts of sensitive data, including personal information of corporate executives and employees, as well as customer data from affected organizations. Oracle initially claimed the vulnerabilities were patched, but later confirmed the zero-day flaw enabled remote exploitation without authentication, meaning attackers could breach systems without credentials.Google’s security researchers revealed that dozens of organizations were compromised, with the Clop gang using the stolen data for extortion campaigns. The group has a history of mass-hacking via unpatched vulnerabilities in file transfer tools (e.g., MOVEit, GoAnywhere), amplifying risks of large-scale data leaks. Oracle’s delayed acknowledgment and the ongoing exploitation of the flaw suggest prolonged exposure, increasing potential damage to financial records, executive identities, and corporate intellectual property.

2023: A Record-Breaking Year for Ransomware as Attacks Surge Past $1 Billion in Extorted Payments 2023 marked a dramatic resurgence in ransomware activity, with cybercriminals extorting over $1 billion in cryptocurrency payments the highest annual total on record. The year saw a sharp reversal from 2022’s temporary decline, driven by high-profile attacks on critical infrastructure, supply chain vulnerabilities, and the proliferation of Ransomware-as-a-Service (RaaS) models. ### Key Trends and Major Incidents - Supply Chain Attacks Dominate: The MOVEit file transfer software breach, exploited by the Cl0p ransomware group, became one of the most damaging incidents of 2023. The zero-day vulnerability allowed attackers to compromise hundreds of organizations, including British Airways, the BBC, and U.S. government agencies, exposing millions of records. Cl0p’s shift to data exfiltration over encryption proved highly effective, generating over $100 million in ransom payments and accounting for nearly 45% of all ransomware revenue in June and July. - Big Game Hunting Persists: Groups like ALPHV-BlackCat and Cl0p targeted large, deep-pocketed victims, demanding multimillion-dollar ransoms. While MGM Resorts refused to pay after an ALPHV-BlackCat attack, the incident still cost the company over $100 million in damages. - RaaS Lowers the Barrier to Entry: The Phobos and ALPHV-BlackCat strains exemplified the RaaS model, enabling less skilled attackers to launch ransomware campaigns in exchange for a cut of profits. This model fueled a 538% increase in new ransomware variants in 2023, according to Recorded Future. - Rebranding and Affiliate Fluidity: Ransomware groups frequently rebranded or shifted between strains to evade law enforcement and sanctions. Blockchain analysis revealed connections between Trickbot, Royal ransomware, and the 3AM strain, demonstrating how a small number of actors drive much of the ecosystem’s activity. ### Law Enforcement Strikes Back Despite the surge in attacks, 2023 also saw significant law enforcement victories: - FBI’s Hive Takedown: In a six-month infiltration, the FBI disrupted the Hive ransomware group, providing decryption keys to 1,300 victims and preventing an estimated $130 million in ransom payments. Statistical models suggest the operation may have averted over $210 million in total payments by disrupting Hive’s broader operations. - International Collaboration: The BlackCat (ALPHV) disruption and other joint operations highlighted increased coordination between global agencies, cybersecurity firms, and blockchain analysts to track and dismantle ransomware networks. ### Financial Flows and Money Laundering Ransomware proceeds were laundered through a mix of centralized exchanges, mixers, and emerging services like cross-chain bridges, instant exchangers, and gambling platforms. While exchanges remained the most common off-ramping method, sanctioned entities and high-concentration services (e.g., specific mixers) created vulnerabilities for law enforcement to exploit. ### The Broader Impact The $1 billion figure reflects only direct ransom payments not the full economic toll, which includes productivity losses, recovery costs, and reputational damage. The MGM Resorts attack alone demonstrated how even non-payment incidents can inflict nine-figure financial harm. 2023 underscored the adaptability of ransomware actors, who continue to refine tactics, exploit zero-day vulnerabilities, and leverage RaaS to maximize profits. While law enforcement made strides in disruption, the escalating scale and sophistication of attacks signal an enduring and evolving threat.

Union Bank & Trust Customers Eligible for Up to $12,500 in MOVEit Data Breach Settlement Union Bank & Trust Co. has agreed to a $2.4 million class action settlement following a data breach that exposed customers' personal information, including Social Security numbers and names, between May 27 and 31, 2023. The breach stemmed from a vulnerability in MOVEit, a file transfer software provider used by the bank, mirroring a similar incident involving Cadence Bank, which settled for $5.2 million. Affected customers, who were notified by settlement administrators, can file claims for reimbursement under two categories: up to $2,500 for ordinary losses (plus $100 for time spent investigating) and up to $10,000 for documented extraordinary losses, with a combined maximum of $12,510. All eligible class members will also receive two years of three-bureau credit monitoring and identity theft protection. Union Bank & Trust denies any wrongdoing but opted to settle to avoid further litigation. Claim forms must be submitted by July 21, 2026, with payments distributed after the final approval hearing on August 6. The case highlights the growing legal and financial risks companies face from third-party cybersecurity failures.