MOVEit software zero day vulnerability used to hack British Airways, Boots & BBC employee data

A widespread cyber attack, purportedly carried out by a Russian-speaking criminal gang, has compromised the personal data of thousands of individuals working for different firms headquartered in the United Kingdom, raising fears that the attack could spread to the United States. Employees of prestigious UK organizations such as British Airways, Boots, and the BBC have been notified about a data breach that affected Zellis, the UK payroll provider that manages the payroll requirements of over half of the FTSE 100 companies. The security compromise exposed personally identifiable information, including names, birth dates, and National Insurance numbers, among other things.

The hackers took advantage of a previously unknown flaw in a piece of software known as MOVEit, which transfers files between computers. This incident highlights the increased dangers that businesses face from sophisticated cyber attacks targeting the software supply chain. It also highlights the growing danger posed by so-called “hack and leak” attempts, in which cybercriminals demand a ransom in exchange for the promise that they will not disclose important information.
The criminal organization known as Clop, which is suspected of being behind this attack, has a well-deserved reputation for demanding very high ransoms, which often surpass $1 million. Surprisingly, no organization has come forward to claim credit for the hack, leaving the motivation for the attack unknown.

It is well known that Clop seeks out flaws in secure file-transfer software. The fact that such software often deals with some of a company’s most precious data makes these kinds of attacks very profitable. Experts in the field of information security have hypothesized that the organization’s operations are driven more by financial gain than by political ideology.


Given the widespread use of MOVEit software throughout the United States, cybersecurity professionals believe that the effects of this attack might soon be seen across the nation. It is also important to note that regulatory disclosure tends to be delayed in the United States, which suggests that the number of known victims may increase as time passes. According to the researchers’ hypotheses, businesses in Canada and India might potentially be impacted as well.

The attack on Zellis is another worrisome chapter in the growing trend of “hack and leak” operations. These attacks are carried out by cybercriminals, many of whom are headquartered in Russia, who exploit flaws in software in order to steal sensitive data and potentially profit from it.

In response to the attack, Progress, the Massachusetts-based technology company that developed MOVEit, suggested changes to the software settings in order to prevent data breaches while waiting for a more effective upgrade. The corporation also fixed the security hole by releasing an updated version of its software.

Zellis has said that all of its other software is unaffected and that there have been no incidents or breaches connected to the vulnerability in any other part of its IT estate. The breach has been reported to the Information Commissioner’s Office in the United Kingdom, as well as to the director of public prosecutions and the National Cyber Security Centre.

The latest incident highlights the rising danger of cyber attacks as well as the increasing susceptibility of corporations to breaches throughout their software supply chains. It also brings to light the necessity of preventative measures such as rigorous cybersecurity procedures, prompt incident response, and consistent system upgrades. In addition, it is now more important than ever for businesses to respond quickly in order to fix their systems and be ready for the possibility of public data dumps.

It is vital to keep in mind that cybersecurity is not only an IT problem; rather, it is a key component of business strategy that impacts every aspect of a company. This is especially important as organizations all over the globe grow increasingly dependent on digital tools and procedures.