British Airways & Boots Staff Personal Data Exposed In Data Breach
In a recent disclosure by British Airways (BA), it was reported that all its UK-based staff have had their personal data exposed in a cyber attack. The information compromised in this security breach includes bank and contact details. This breach occurred following an exploitation of a previously unknown flaw (zero-day vulnerability), in the file transfer system “MOVEit” from Progress Software, which we reported on last week (See the article here).
Last week, it was discovered that cyber criminals had used the vulnerability in MOVEit to access sensitive data. Confirming the incident on Monday June 5th, Zellis, a UK-based payroll provider, stated that eight of its clients had been affected by this cyber attack, but refrained from identifying the organisations. Subsequently, British Airways has confirmed that it was one of the businesses effected by the data breach, which has left the details of more than 34,000 UK staff details exposed.
Other well-known organisations including the Boots have confirmed that they have been effected by the attack and the BBC has also been implicated as potentially being effected in this cyber attack, with speculations linking the incident to a Russia-based group. British Airways issued a statement to Sky News saying, “We have been informed that we are one of the companies impacted by Zellis’ cyber security incident which occurred via one of their third-party suppliers called MOVEit. Zellis provides payroll support services to hundreds of companies in the UK, of which we are one. This incident happened because of a new and previously unknown vulnerability in a widely used MOVEit file transfer tool. We have notified those colleagues whose personal information has been compromised to provide support and advice.”.
Zellis have also released their own statement following the breach stating, “A large number of companies around the world have been affected by a zero-day vulnerability in Progress Software’s MOVEit Transfer product. We can confirm that a small number of our customers have been impacted by this global issue and we are actively working to support them. All Zellis-owned software is unaffected and there are no associated incidents or compromises to any other part of our IT estate. Once we became aware of this incident we took immediate action, disconnecting the server that utilises MOVEit software and engaging an expert external security incident response team to assist with forensic analysis and ongoing monitoring.”
Whilst the amount of businesses effected may be a “small number” according to Zellis, the impact on those companies and the individuals effected could still be substantial if the 34,000 BA employees is anything to go by. If your business uses Zellis or MOVEit we would advise reaching out to your account manager for further clarification. If you are concerned about your data privacy and if any of your online accounts may have been leaked on the Dark Web, click the link below to find out more about our Dark Web monitoring service and sign up for a free business domain scan. We can also help your business with a complete Cyber Security audit to ensure that you have the best Cyber Security solutions in place to protect your business from attacks and data breaches.
Latest News Stories
Tackling the $8 Trillion Cyber Crime Crisis
As the Cyber Threat landscape grows increasingly complex and fast-paced, experts predict that the total cost of Cyber Crime will surpass $8 trillion by the end of 2023. This staggering figure includes money stolen by cyber criminals, investments in security tools and...
Cancer Clinic’s Chilling Ultimatum: Pay Ransom or Face Patient Harassment
Crown Princess Mary Cancer Centre, a prominent Sydney-based cancer clinic, has recently been targeted by a notorious ransomware group, Medusa. The is among many Cyber Attacks targeting Australian businesses in recent months. The cyber criminals issued an ultimatum...
Combating Cyber Crime: The Human Factor
A startling reality in today's interconnected world is that up to 95% of Cyber Attacks can be traced back to human errors. Companies with more employees face a higher risk of falling victim to cyber crime. While cyber criminals do occasionally breach firewalls, it is...
Our Customers
Testimonials
Pauline, Khepera Business Park
Tenant is very satisfied. They were impressed by Adam’s knowledge and helpfulness.
Rachel Warne, Bank View Farm
Professional, friendly, don’t blind you with technical jargon, get things sorted quickly.
Jake, Opus UK
Closing tickets faster than I can submit them.