British Airways & Boots Staff Personal Data Exposed In Data Breach
In a recent disclosure by British Airways (BA), it was reported that all its UK-based staff have had their personal data exposed in a cyber attack. The information compromised in this security breach includes bank and contact details. This breach occurred following an exploitation of a previously unknown flaw (zero-day vulnerability), in the file transfer system “MOVEit” from Progress Software, which we reported on last week (See the article here).
Last week, it was discovered that cyber criminals had used the vulnerability in MOVEit to access sensitive data. Confirming the incident on Monday June 5th, Zellis, a UK-based payroll provider, stated that eight of its clients had been affected by this cyber attack, but refrained from identifying the organisations. Subsequently, British Airways has confirmed that it was one of the businesses effected by the data breach, which has left the details of more than 34,000 UK staff details exposed.
Other well-known organisations including the Boots have confirmed that they have been effected by the attack and the BBC has also been implicated as potentially being effected in this cyber attack, with speculations linking the incident to a Russia-based group. British Airways issued a statement to Sky News saying, “We have been informed that we are one of the companies impacted by Zellis’ cyber security incident which occurred via one of their third-party suppliers called MOVEit. Zellis provides payroll support services to hundreds of companies in the UK, of which we are one. This incident happened because of a new and previously unknown vulnerability in a widely used MOVEit file transfer tool. We have notified those colleagues whose personal information has been compromised to provide support and advice.”.
Zellis have also released their own statement following the breach stating, “A large number of companies around the world have been affected by a zero-day vulnerability in Progress Software’s MOVEit Transfer product. We can confirm that a small number of our customers have been impacted by this global issue and we are actively working to support them. All Zellis-owned software is unaffected and there are no associated incidents or compromises to any other part of our IT estate. Once we became aware of this incident we took immediate action, disconnecting the server that utilises MOVEit software and engaging an expert external security incident response team to assist with forensic analysis and ongoing monitoring.”
Whilst the amount of businesses effected may be a “small number” according to Zellis, the impact on those companies and the individuals effected could still be substantial if the 34,000 BA employees is anything to go by. If your business uses Zellis or MOVEit we would advise reaching out to your account manager for further clarification. If you are concerned about your data privacy and if any of your online accounts may have been leaked on the Dark Web, click the link below to find out more about our Dark Web monitoring service and sign up for a free business domain scan. We can also help your business with a complete Cyber Security audit to ensure that you have the best Cyber Security solutions in place to protect your business from attacks and data breaches.
Latest News Stories
One2Call Announce New Partnership with Sheffield Wednesday FC
We are excited to announce our new partnership with Sheffield Wednesday Football Club for the upcoming EFL Championship season!
3 Cybersecurity Solutions That Can Help Avoid Costly Downtime
Discover the factors for choosing the perfect MSP partner. Get reliable technology services for your business with expert 24/7 support & detailed asset tracking
SentinelOne Achieves 100% Protection and Detection in the 2023 MITRE Engenuity ATT&CK® Evaluations Enterprise.
In today's digitally interconnected world, where businesses are constantly under attack from sophisticated cyber threats, having a robust cybersecurity partner is not just an option but a necessity. In the world of cybersecurity solutions, SentinelOne's Singularity...
Our Customers
Testimonials
Alan Wooler, ProAct
Stuart who attended is a spot on guy who knows his stuff and is very polite.
James, Proove Restaurant
Very helpful, did exactly what I needed.
Woody World
Alex & Jordan provided the usual exceptional service that One2Call have always provided. Thanks, one and all.