British Airways, the BBC, and U.K. pharmacy chain Boots fell victim to a data breach caused by a vulnerability in the MOVEit document-transfer application. Microsoft’s Lace Tempest team has confirmed that the breach was orchestrated by individuals associated with the Russian Clop ransomware gang.
The intrusion took advantage of a flaw in Zellis’ infrastructure. Zellis reported that their MOVEit installation was infiltrated, leading in unlawful access and theft of information from a small number of its clients, including British Airways, the BBC, and Boots. Zellis, on the other hand, promised its clients that the compromise had no impact on its own software.
The security researchers discovered that the cybercriminals exploited a vulnerability in MOVEit, a software used by Zellis, for at least a month before detection. The developer, Progress, has released a patch to fix the vulnerability (CVE-2023-34362).
The exact number of people affected, and the degree of exposed data are unknown, but the firm are said to be assisting the impacted employees. Both British Airways and Zellis disclosed the breach to the UK Information Commissioner’s Office (ICO) in reaction to the breach. Zellis also contacted the Irish privacy watchdog and the British cyber-police.
The sources for this piece include an article in TheRegister.