Monday, April 28, 2025
HomeCyber AttackMOVEit Hack - BBC, British Airways Employees Contact and Financial Data Exposed

MOVEit Hack – BBC, British Airways Employees Contact and Financial Data Exposed

Published on

SIEM as a Service

Follow Us on Google News

A major MOVEit Hack has impacted many businesses, notably the BBC, British Airways, Boots, and Aer Lingus.

The organizations acknowledged that tens of thousands of British Airways, Boots, and BBC staff had their personal information compromised due to a large-scale breach that targeted a popular file transfer tool. 

The compromise was discovered at Zellis, the payroll supplier for BA, the BBC, and Boots. The Nova Scotia provincial government in Canada was also struck.

- Advertisement - Google News

“We have been informed that we are one of the companies impacted by Zellis’s cybersecurity incident, which occurred via one of their third-party suppliers called MOVEit,” said an airline representative.

The data from Zellis and the Nova Scotia government was exposed as a result of their use of the MOVEit file transfer tool, according to separate statements from both organizations.

Zellis declined to indicate how many clients were affected. 

The Breach’s Stolen Information

According to the Daily Telegraph, which initially reported the hack, an email issued to BA workers stated that the exposed information included names, addresses, national insurance numbers, and banking information. BA stated that the hack affected employees paid through BA payroll in the UK and Ireland.

Additionally, employees were told that the data included in the hack included their names, surnames, employee numbers, dates of birth, email addresses, the first lines of their home addresses, and national insurance numbers.

The BBC believes the leak did not involve employee bank information.

“We are aware of a data breach at our third-party supplier, Zellis, and are working closely with them as they urgently investigate the extent of the breach. We take data security extremely seriously and are following the established reporting procedures,” the spokesperson said.

Zellis stated that a “small” number of its customers were affected by a vulnerability in MOVEit, the company’s file transfer technology.

“We can confirm that a small number of our customers have been impacted by this global issue, and we are actively working to support them,” the company stated, adding that the UK data protection agency and the National Cyber Security Centre had been notified. 

It is believed that the incident affected eight Zellis customers in the United Kingdom and Ireland.

Microsoft’s threat intelligence team ascribed the MOVEit assaults to a group known as Lace Tempest.

It said the organization was notorious for ransomware activities and maintaining an “extortion site” with data collected from Clop ransomware attacks.

Microsoft added: “The threat actor has used similar vulnerabilities in the past to steal data and extort victims.”

MOVEIt has been at the center of security industry concerns since its maker, Massachusetts-based Progress Software, discovered a weakness last week that might have allowed hackers to intercept data being transferred through the program.

MOVEit said on Monday that it addressed the vulnerability exploited by the hackers and was working with specialists to analyze the issue “and ensure we take all appropriate response measures.”

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Windows 11 25H2 Expected to Launch with Minor Changes

Microsoft is quietly preparing the next update to its flagship operating system, Windows 11 25H2,...

China Claims U.S. Cyberattack Targeted Leading Encryption Company

China has accused U.S. intelligence agencies of carrying out a sophisticated cyberattack against one...

Critical FastCGI Library Flaw Exposes Embedded Devices to Code Execution

A severe vulnerability (CVE-2025-23016) in the FastCGI library-a core component of lightweight web server...

Viasat Modems Zero-Day Vulnerabilities Let Attackers Execute Remote Code

A severe zero-day vulnerability has been uncovered in multiple Viasat satellite modem models, including...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Windows 11 25H2 Expected to Launch with Minor Changes

Microsoft is quietly preparing the next update to its flagship operating system, Windows 11 25H2,...

China Claims U.S. Cyberattack Targeted Leading Encryption Company

China has accused U.S. intelligence agencies of carrying out a sophisticated cyberattack against one...

Critical FastCGI Library Flaw Exposes Embedded Devices to Code Execution

A severe vulnerability (CVE-2025-23016) in the FastCGI library-a core component of lightweight web server...