Britain’s cybersecurity agency on Wednesday urged companies to be vigilant after the BBC, British Airways and other firms said their employees’ personal details may have been compromised in a software hack.
The companies were the first major victims after hackers successfully breached a popular file transfer software called MOVEit. The Clop ransomware group, thought to be based in Russia, has threatened on its dark web site that stolen data, including personal details such as names and home addresses, could be published.
“We are working to fully understand the U.K. impact following reports of a critical vulnerability affecting MOVEit Transfer software being exploited,” Britain’s National Cyber Security Center said in a statement.
“The NCSC strongly encourages organizations to take immediate action by following vendor best practice advice and applying the recommended security updates,” it added.
MOVEit is a program widely used by businesses to securely share files online. Zellis, a leading payroll services provider in the U.K. that works with British Airways, the BBC and hundreds of others, was one of its users. Zellis said Monday a “small number” of its customers have been affected by the breach.
It is thought that hackers broke into the software and used that to gain access to the databases of potentially hundreds of other companies.
“This incident happened because of a new and previously unknown vulnerability in a widely used MOVEit file transfer tool,” British Airways said in a statement. “We have notified those colleagues whose personal information has been compromised to provide support and advice.”
The BBC, which employs about 22,000 people worldwide, said it was working with Zellis as it sought to establish the extent of the breach.
The broadcaster said in an email sent Monday to all U.K. staff and freelancers that data including birthdates, national insurance numbers and home addresses was disclosed. But it said bank account details had apparently not been compromised, and there was “no evidence that the data is being exploited.”
Drugstore chain Boots, which employs more than 50,000 people, also said it had made staff aware of the hack.
BA and Zellis said they had reported the incident to Britain’s Information Commissioner’s Office.
© 2023 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.
Citation:
BBC, British Airways among big-name victims in MOVEit software hack (2023, June 7)
retrieved 7 June 2023
from https://techxplore.com/news/2023-06-bbc-british-airways-big-name-victims.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! NewsBit.us is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
