The information on this page for PBI’s business clients.

If you are an individual looking for information about the MOVEit incident, click here.

PBI Research Services Statement on MOVEit Cyberattack

Among many other entities including the federal government, state governments, universities, healthcare organizations, and corporations around the world, PBI Research Services was also impacted by the recent MOVEit cyberattack in late May.

PBI Research Services uses Progress Software’s MOVEit file transfer application with some of our clients. At the end of May, Progress Software identified a cyberattack in their MOVEit software that did impact a small percentage of our clients who use the MOVEit administrative portal software resulting in access to private records. This incident did not gain access to PBI’s core systems or software.

PBI promptly patched its instance of MOVEit, assembled a team of cybersecurity and privacy specialists, notified federal law enforcement, and contacted impacted clients.

Our clients’ and their customers’ privacy is our number one priority and PBI is working diligently with our clients to notify and support impacted individuals.

PBI became aware of the MOVEit compromise on June 2, 2023, and immediately applied the patch provided by Progress Software.  PBI immediately undertook an extensive internal investigation, which was later supplemented with the assistance of third-party cybersecurity and digital forensic specialists, to determine the nature and scope of the effect of the MOVEit event. PBI also reported the event to federal law enforcement.

PBI has contacted all impacted clients directly. If you were not contacted, you were not impacted.

Yes. PBI systems were not impacted, outside of the isolated MOVEit Transfer server. If you are hesitant to use MOVEit software at this time, we have other data transfer options or layers of optional security that can be added to further secure your data.

No. Hundreds of organizations worldwide were also impacted.

We continue to encourage our customers to encrypt files prior to uploading for an extra layer of security. You can also delete your own results files once you’ve successfully downloaded.

According to public reporting and security researchers, the “CL0P” threat actor group is claiming responsibility for this event.

PBI notified the Federal Bureau of Investigation as part of its comprehensive incident response.