Zellis Cybersecurity Incident causes BA and Boots employee info data breach

1155

Hackers somehow managed to exploit a vulnerability in Moveit file transfer software and ac-cessed information from the servers of Zellis, a payroll service provider in Britain. Unfortu-nately, British Airways (BA) and Boots are two among the list of companies that were impact-ed by the security incident.

MOVEit produced by Progress Software is taking all precautions to mitigate the risks associat-ed with the incident and has informed the staff of Zellis on how to neutralize the effects of the cyber-attack.

Unconfirmed sources confirmed that details of about 50k staff members from Boots and 34k staff members from British Airways could have impacted in the digital attack.

It is unclear who is behind the incident. But according to Daily Telegraph, a Russian hackers group linked to the GRU named CLOP are suspected to be behind the attack exploit.

CLOP Ransomware hasn’t reacted to the news yet, nor did it publish any stolen details onto the dark web.

However, compromised data includes names, addresses and national insurance numbers of em-ployees in British Airways, Boots, Jaguar Land Rover (JLR) and such.

Coincidentally, Play Ransomware group affiliated to CLOP also managed to take down the servers of a Swiss IT company named Xplain at the end of last week.

Xplain is yet to ascertain the data theft caused by Play Ransomware group.

Swiss Federal Office of Customers and Border Security is investigating the attack deeply and will issue a statement after the play gang sends it a ransom note, digitally.

Ad
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display