The U.S. Securities and Exchange Commission has been noted by Progress Software to have launched an investigation into the widespread hack of its MOVEit file transfer app, which has so far impacted 2,546 organizations and exposed information from over 64 million individuals, TechCrunch reports.
Progress disclosed in a regulatory filing that it was subpoenaed by the SEC to submit MOVEit vulnerability-related information and documents as part of the probe, which it intends to fully cooperate with.
"The SEC investigation is a fact-finding inquiry, the investigation does not mean that Progress or anyone else has violated federal securities laws," said Progress.
Cl0p ransomware's attack against MOVEit has already cost Progress $1 million, with further losses likely to stem from legal action by more than 20 impacted clients.
Meanwhile, Progress also revealed spending $4.2 million to address a separate data breach last November that involved unauthorized corporate network access and data exfiltration.