The breach was part of a massive cyberattack in May that exploited a vulnerability in the widely used network MOVEit file transfer system.
In addition to various state agencies in Maine, there are several US federal authorities were also affected by the data breach in May, including the Department of Energy and Department of Health and Human Services.
Maine said this week that affected data included names, Social Security numbers, dates of birth, driver’s license or state identification numbers, tax identification numbers, medical information and health insurance information.
The states Department of Health and Human Services And Ministry of Education were the authorities most affected by the incident. Several other departments were affected to a lesser extent.
The state said it “blocked internet access to and from the MOVEit server” and implemented security measures recommended by the company that owns the tool as soon as it became aware of the breach.
The cyberattack was reportedly orchestrated by a Russian ransomware group has affected more than 70 million people worldwide, according to a running tally from anti-malware company Emsisoft.
The breach also compromised about 6 million records at the Louisiana Department of Motor Vehicles and affected about 4 million people through the Colorado Department of Health Care Policy and Financing and 3.5 million more through the Oregon Department of Transportation.
Read more in a full report at TheHill.com.