Cyberattack Targets BBC and British Airways via MOVEit Software
Britain’s cybersecurity agency issued a warning on Wednesday, urging companies to remain vigilant following a software hack that compromised personal details of employees at the BBC, British Airways, and other firms.
The breach occurred after hackers successfully infiltrated MOVEit, a popular file transfer software. The Clop ransomware group, believed to be based in Russia, has threatened to publish stolen data, including names and home addresses, on their dark web platform. The National Cyber Security Center (NCSC) in the UK stated that they are actively investigating the impact of the vulnerability and advised organizations to take immediate action by implementing security updates and following best practices recommended by the software vendor.
MOVEit is widely used by businesses to securely exchange files online, and Zellis, a leading payroll services provider in the UK working with British Airways and numerous other companies, was among its users. Zellis confirmed that a “small number” of its customers were affected by the breach.
The breach allowed hackers to access databases of potentially hundreds of other companies by exploiting a new and previously unknown vulnerability in the MOVEit file transfer tool, according to British Airways. The airline has informed the affected individuals and is providing them with support and guidance. Boots, a major drugstore chain employing over 50,000 people, has also notified its staff about the breach.