
Child Health Plan Plus (CHP+) Third-Party Breach (August 2023)

📅 2023-08-01 🏢 IBM

Incident Details

Records of 4 Million Coloradans Compromised in MOVEit Transfer Attack.

The Colorado Department of Health Care Policy and Financing (HCPF), which oversees the state’s Medicaid program and the Child Health Plan Plus (CHP+)

The Colorado Department of Health Care Policy and Financing, Indiana Family and Social Services Administration, Florida Healthy Kids, and Johns Hopkins Medicine have confirmed that data was stolen in the recent attacks by the Clop group on MOVEit Transfer applications. The Clop group exploited a zero-day vulnerability in the MOVEit Transfer file transfer solution, exfiltrated data, and attempted to extort money from the victims. The information security firm Kon Briefing has been tracking the incidents and reports that at least 670 organizations fell victim to the attacks and that the records of 46 million individuals are known to have been compromised.

Third-party company: IBM.

Technical Details

Initial Attack Vector: Compromise of third-party service provider / vendor relationship
Vendor / Product: IBM
Supply Chain Attack: ✅ Confirmed third-party / vendor compromise

Timeline

  1. 2023-08-01 Breach occurred
  2. 2023-08-14 Publicly disclosed