The BBC, British Airways (BA) and Boots all confirmed this week that the personal data of their staff has been exposed to hackers, following a ransomware incident impacting their payroll provider Zellis.
A spokesperson for the BBC confirmed that the company was “aware of a data breach at our third party supplier, Zellis, and are working closely with them as they urgently investigate the extent of the breach,” but said they don’t believe that employees’ bank account details were compromised.
BA, which employs around 34,000 people in the United Kingdom, said it was “one of the companies impacted by Zellis’ cybersecurity incident, which occurred via one of their third-party suppliers called MOVEit.”
The BBC said it was working with Zellis “as they urgently investigate the extent of the breach.”
In a statement on Monday, MOVEit said it had fixed the vulnerability exploited by the hackers and was working with experts to investigate the issue “and ensure we take all appropriate response measures.”
Microsoft believes the group behind the hacks was “Lace Tempest” – the nickname assigned to online extortionists who run the cl0p ransomware site.
In an email to Reuters, the “cl0p team” confirmed it was responsible for the breaches, saying “it was our attack” and that victims who refused to pay would be named on its website. The group did not immediately respond to a request for more details.
Ransomware mitigation tactics are essential for big businesses; however, SMEs can also be the victims of ransomware attacks. To discuss the cybersecurity of your organisation, contact us.
Author: Lisa Seltzer, Agilient Consultant