British Airways and BBC among Large Companies Targeted in Massive Cyberattack by Russian Hackers

Large British groups, including British Airways and the BBC, have been targeted by a vast cyberattack, attributed by the local press to Russian hackers, and during which the data of thousands of employees was stolen.

• Read also – Computer security: Quebec SMEs lagging behind in a war

The attack targeted Zellis, a British company specializing in payroll and human resources management, whose eight clients were affected.

“A large number of companies around the world have been affected by a vulnerability” in the MOVEit software, provided by the American Progress Software and used by Zellis on a server which has since been disconnected, assures the company Tuesday in a statement sent to AFP.

But it has so far found no evidence that the stolen information was made public or illegally used, and the motive for the data theft is unclear, with no group claiming responsibility, said to AFP a source close to the file.

Progress Software had said last week on its website “to have discovered a vulnerability in MOVEit Transfer” likely to lead in particular to “unauthorized access”, and recommended to its customers to “take immediate measures”, in particular by “removing the files and unauthorized user accounts”.

“We have been informed that we are one of the companies affected by the cybersecurity incident,” British Airways confirmed to AFP.

The BBC says the stolen data included staff identification numbers, dates of birth, home addresses and national insurance numbers.

According to the daily The Daily Telegraph“up to 100,000 British workers” may have been affected.

According to The Daily Telegraph, the compromised data within British Airways also includes bank details, and Boots pharmacies and the airline Aer Lingus were also affected by the attack.

“The cyberattack appeared to be linked to a Russian-speaking cybercrime group called Clop,” the daily continues, citing security researchers, as attacks attributed to groups linked to Russia increased following the start of the crisis. war in Ukraine.

The National Cybersecurity Center (NCSC), the British public agency responsible in particular for assisting victims of cyberattacks, indicated for its part “working to fully understand the impact in the United Kingdom” of the attack.