Lenders Choice Escrow Third-Party Breach (July 2023)
Incident Details
US govt contractor Serco discloses data breach after MoveIT attacks. Serco Inc, the Americas division of multinational outsourcing company Serco Group, has disclosed a data breach after attackers stole the personal information of over 10,000 individuals from a third-party vendor’s MoveIT managed file transfer (MFT) server. In a breach notification filed with the Office of the Maine Attorney General, Serco said that the information was exfiltrated from the file transfer platform of CBIZ, its benefits administration provider. “On June 30, 2023, Serco was made aware that our third-party benefits administration provider, CBIZ, experienced a ransomware attack and data breach,” the company explained. Third-party company: CashCall Inc.
Technical Details
- Initial Attack Vector: Compromise of third-party service provider / vendor relationship
- Vendor / Product: CashCall Inc.
- Supply Chain Attack: Confirmed third-party / vendor compromise
Timeline
- 2023-07-01 Breach occurred
- 2023-08-03 Publicly disclosed