British Airways is one of dozens of British, American and Canadian companies and organizations hit by a major cyber attack, with the perpetrators told to contact them within 7 days or their employees’ personal data will be dumped online. File photo by Molly Riley/UPI | License photo
June 7 (UPI) — Russian hackers who stole the payroll data of more than 100,000 employees of major British, American and Canadian companies and organizations threatened Wednesday to dump the data online unless the companies come forward with negotiations.
In a message posted on the so-called dark web, The Clop group said the victims of the hack, which include the BBC, British Airways, Are Lingus and Walgreens Boots Alliance, have email addresses for them. by mail until June 14 or face the publication of their data on the Internet.
“This is a notice to educate companies that use the Progress MOVEit product that there is a high possibility that we are downloading a large amount of your data as part of an exclusive exploit,” the BBC wrote.
The group was able to collect personal information, from names and addresses to Social Security numbers and bank details, by hacking into MOVEit, a widely used business software developed by Massachusetts-based Progress that moves files into company systems.
Zellis, the largest provider of payroll services in Great Britain and Ireland, confirmed that data had been stolen from eight unnamed organizations it works with, but what was taken varied for different clients. It said it took immediate action to shut down the server, which uses third-party MOVEit software, and remove the security incident response team for forensic analysis and ongoing monitoring.
“All Zellis-owned software is unaffected and there are no related incidents or compromises to any other part of our IT assets.” We use robust security processes across all of our services and they all continue to operate as normal,” the company said.
Walgreens Boots Alliance said that “a global data vulnerability that affected third-party software used by one of our payroll providers involved some of our team members’ personal data.”
“Our provider has assured us that immediate action has been taken to shut down the server and we have informed our team first,” the company said.
British Airways, which employs 34,000 people in the UK alone, said it had notified staff whose information had been breached and was providing them with “support and advice”.
“We have notified those colleagues whose personal information was breached to provide support and advice,” the spokesperson said.
In a letter to 22,000 staff, the BBC said the stolen data included staff ID numbers, dates of birth, home addresses and National Insurance numbers.
Both Zellis and British Airways reported the incident to Britain’s data protection and privacy watchdog, the Information Commissioner’s Office.
Other organizations targeted included the University of Rochester in New York state and the government of Nova Scotia, although Clop said in his statement that data from national and local governments or public services such as the police had been deleted.
“Don’t worry, we’ve deleted your data, you don’t need to contact us. We have no interest in disclosing such information.”
Last week, the US Cybersecurity and Infrastructure Security Agency issued an alert instructing companies using MOVEit to download a security patch from Progress to prevent further breaches.
In 2021, a joint operation between Ukraine, the United States, and South Korea broke down against the Klop gang in Ukraine, who, according to them, defrauded victims around the world for 500 million.