MOVEit Hack – BBC, British Airways Employees Contact and Financial Data Exposed

A major MOVEit Hack has impacted many businesses, notably the BBC, British Airways, Boots, and Aer Lingus.

The organizations acknowledged that tens of thousands of British Airways, Boots, and BBC staff had their personal information compromised due to a large-scale breach that targeted a popular file transfer tool. 

The compromise was discovered at Zellis, the payroll supplier for BA, the BBC, and Boots. The Nova Scotia provincial government in Canada was also struck.

“We have been informed that we are one of the companies impacted by Zellis’s cybersecurity incident, which occurred via one of their third-party suppliers called MOVEit,” said an airline representative.

The data from Zellis and the Nova Scotia government was exposed as a result of their use of the MOVEit file transfer tool, according to separate statements from both organizations.

Zellis declined to indicate how many clients were affected. 

The Breach’s Stolen Information

According to the Daily Telegraph, which initially reported the hack, an email issued to BA workers stated that the exposed information included names, addresses, national insurance numbers, and banking information. BA stated that the hack affected employees paid through BA payroll in the UK and Ireland.

Additionally, employees were told that the data included in the hack included their names, surnames, employee numbers, dates of birth, email addresses, the first lines of their home addresses, and national insurance numbers.

The BBC believes the leak did not involve employee bank information.

“We are aware of a data breach at our third-party supplier, Zellis, and are working closely with them as they urgently investigate the extent of the breach. We take data security extremely seriously and are following the established reporting procedures,” the spokesperson said.

Zellis stated that a “small” number of its customers were affected by a vulnerability in MOVEit, the company’s file transfer technology.

“We can confirm that a small number of our customers have been impacted by this global issue, and we are actively working to support them,” the company stated, adding that the UK data protection agency and the National Cyber Security Centre had been notified. 

It is believed that the incident affected eight Zellis customers in the United Kingdom and Ireland.

Microsoft’s threat intelligence team ascribed the MOVEit assaults to a group known as Lace Tempest.

It said the organization was notorious for ransomware activities and maintaining an “extortion site” with data collected from Clop ransomware attacks.

Microsoft added: “The threat actor has used similar vulnerabilities in the past to steal data and extort victims.”

MOVEIt has been at the center of security industry concerns since its maker, Massachusetts-based Progress Software, discovered a weakness last week that might have allowed hackers to intercept data being transferred through the program.

MOVEit said on Monday that it addressed the vulnerability exploited by the hackers and was working with specialists to analyze the issue “and ensure we take all appropriate response measures.”

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus