The Vermont Office of the Attorney General disclosed a data breach affecting Radius Global Solutions, linked to an exploitation of a vulnerability in the MOVEit web transfer application. The incident occurred on June 1, 2023, with public reporting on August 10, 2023. The breach involved unauthorized access to the system, potentially compromising personal information of an unknown number of individuals. The attack leveraged a known vulnerability in MOVEit, a widely used file-transfer tool, which had been actively targeted by threat actors in a broader campaign. While the exact scope of the exposed data remains undisclosed, such breaches typically involve sensitive personal details (e.g., names, addresses, Social Security numbers, or financial records). The exploitation of this vulnerability allowed attackers to exfiltrate data, raising concerns over identity theft, fraud, and reputational damage for the affected individuals and the company. Radius Global Solutions, a debt collection and customer service provider, handles large volumes of consumer data, amplifying the potential fallout. The breach underscores the risks associated with third-party software vulnerabilities and the cascading impact on organizations relying on such tools for secure data transfers. Investigations likely continue to determine the full extent of the compromise and mitigate further harm.