November 17, 2023 - SOAH uses the MOVEit Secure File Transfer platform for the electronic transfer and sharing of hearing exhibits, audio and video evidence, and other administrative case records at SOAH. SOAH is aware that MOVEit experienced security-related outages in May and June of 2023, relating to a cyberattack that exploited a former “zero-day vulnerability” within the platform.

Although news reports indicate that other governmental entities in the U.S. experienced security breaches affecting customer information, SOAH uses a version of MOVEit that was deliberately taken off-line during these attacks to protect customer data while security patches were deployed. Forensic investigations also indicate the cluster of servers where SOAH-related file transfers reside was not affected by the staged exploit. There is no evidence at this time to indicate that SOAH files suffered any exfiltration of data in an unauthorized manner as a result of these recent system vulnerabilities.

All versions of MOVEit Cloud have been patched for the identified vulnerabilities, and service was restored on June 16, 2023. MOVEit has not observed any signs of malicious activity since service was restored.

SOAH has deployed all required security patches and is carefully monitoring system activity in conjunction with the Texas Department of Information Resources and a third-party cybersecurity company.

To safeguard SOAH’s overall information security posture with respect to MOVEit, SOAH has placed enhanced restrictions on all SOAH-guest MOVEit accounts that are used to share exhibits or receive case records. These include, for example:

• Access to shared files is now limited to 21 days or a total of 25 downloads.
• Access to view or upload case exhibits is restricted to only individuals who are listed as an official service contact within eFileTexas for the specific SOAH Docket Number.
• SOAH will no longer provide courtesy access to case exhibits shared through MOVEit for persons who are not specifically named as a service contact for the case, regardless of their affiliation or position with the agency or attorneys involved.

At this time, participants in SOAH proceedings are expected to continue to follow SOAH’s General Order Relating to the Submission of Exhibits for General Hearings, Guidelines for Electronic Filing in Driver’s License Hearings, and any orders of the SOAH judge to the extent such orders require parties to submit information to SOAH using MOVEit.

SOAH will continue to monitor systems, and observe all communications and guidance regarding usage of the MOVEit Cloud platform. If new details or security vulnerabilities are uncovered, this page will be updated accordingly.