Tuesday, March 19, 2024

MOVEit Hack – BBC, British Airways Employees Contact and Financial Data Exposed

A major MOVEit Hack has impacted many businesses, notably the BBC, British Airways, Boots, and Aer Lingus.

The organizations acknowledged that tens of thousands of British Airways, Boots, and BBC staff had their personal information compromised due to a large-scale breach that targeted a popular file transfer tool. 

The compromise was discovered at Zellis, the payroll supplier for BA, the BBC, and Boots. The Nova Scotia provincial government in Canada was also struck.

“We have been informed that we are one of the companies impacted by Zellis’s cybersecurity incident, which occurred via one of their third-party suppliers called MOVEit,” said an airline representative.

The data from Zellis and the Nova Scotia government was exposed as a result of their use of the MOVEit file transfer tool, according to separate statements from both organizations.

Zellis declined to indicate how many clients were affected. 

The Breach’s Stolen Information

According to the Daily Telegraph, which initially reported the hack, an email issued to BA workers stated that the exposed information included names, addresses, national insurance numbers, and banking information. BA stated that the hack affected employees paid through BA payroll in the UK and Ireland.

Additionally, employees were told that the data included in the hack included their names, surnames, employee numbers, dates of birth, email addresses, the first lines of their home addresses, and national insurance numbers.

The BBC believes the leak did not involve employee bank information.

“We are aware of a data breach at our third-party supplier, Zellis, and are working closely with them as they urgently investigate the extent of the breach. We take data security extremely seriously and are following the established reporting procedures,” the spokesperson said.

Zellis stated that a “small” number of its customers were affected by a vulnerability in MOVEit, the company’s file transfer technology.

“We can confirm that a small number of our customers have been impacted by this global issue, and we are actively working to support them,” the company stated, adding that the UK data protection agency and the National Cyber Security Centre had been notified. 

It is believed that the incident affected eight Zellis customers in the United Kingdom and Ireland.

Microsoft’s threat intelligence team ascribed the MOVEit assaults to a group known as Lace Tempest.

It said the organization was notorious for ransomware activities and maintaining an “extortion site” with data collected from Clop ransomware attacks.

Microsoft added: “The threat actor has used similar vulnerabilities in the past to steal data and extort victims.”

MOVEIt has been at the center of security industry concerns since its maker, Massachusetts-based Progress Software, discovered a weakness last week that might have allowed hackers to intercept data being transferred through the program.

MOVEit said on Monday that it addressed the vulnerability exploited by the hackers and was working with specialists to analyze the issue “and ensure we take all appropriate response measures.”

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Website

Latest articles

CryptoWire Ransomware Attacking Abuses Schedule Task To maintain Persistence

AhnLab security researchers detected a resurgence of CryptoWire, a ransomware strain originally prevalent in...

E-Root Admin Sentenced to 42 Months in Prison for Selling 350,000 Credentials

Tampa, FL – In a significant crackdown on cybercrime, Sandu Boris Diaconu, a 31-year-old...

WhiteSnake Stealer Checks for Mutex & VM Function Before Execution

A new variant of the WhiteSnake Stealer, a formidable malware that has been updated...

Researchers Hack AI Assistants Using ASCII Art

Large language models (LLMs) are vulnerable to attacks, leveraging their inability to recognize prompts...

Microsoft Deprecate 1024-bit RSA Encryption Keys in Windows

Microsoft has announced an important update for Windows users worldwide in a continuous effort...

Beware Of Free wedding Invite WhatsApp Scam That Steal Sensitive Data

The ongoing "free wedding invite" scam is one of several innovative campaigns aimed at...

Hackers Using Weaponized SVG Files in Cyber Attacks

Cybercriminals have repurposed Scalable Vector Graphics (SVG) files to deliver malware, a technique that...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles