LONDON (Reuters) – Tens of thousands of employees of British Airways, the UK drugstore chain Boots and Britain’s BBC were among those whose personal data was exposed following a wide-ranging breach centred on a popular file transfer tool, the organizations confirmed on Monday. BA, the BBC and Boots said the breach occurred at their payroll […]
BA, BBC and Boots caught up in file transfer hack
LONDON (Reuters) – Tens of thousands of employees of British Airways, the UK drugstore chain Boots and Britain’s BBC were among those whose personal data was exposed following a wide-ranging breach centred on a popular file transfer tool, the organizations confirmed on Monday.
BA, the BBC and Boots said the breach occurred at their payroll provider, Zellis. The provincial government of Nova Scotia, in Canada, was also hit.
The data from Zellis and the Nova Scotia government was exposed through their use of the MOVEit file transfer software, both organizations said in separate statements. Zellis declined to say how many customers were affected.
The Nova Scotia government did not immediately return a request for comment. In a statement, Nova Scotia’s cyber security and digital solutions minister, Colton LeBlanc, said his residents “will have questions, and we do, too.”
British Airways, owned by IAG, said it had notified affected employees and was providing them with support. Boots, part of Walgreens Boots Alliance, said the attack had included some of its employees’ personal details. The BBC said it was working with Zellis “as they urgently investigate the extent of the breach.”
MOVEit has been at the centre of security industry concerns after its maker, Massachusetts-based Progress Software, disclosed a flaw last week that could have allowed hackers to intercept data being exchanged through the program.
In a statement on Monday, MOVEit said it had fixed the vulnerability exploited by the hackers and was working with experts to investigate the issue “and ensure we take all appropriate response measures.”
Microsoft on Sunday said it believed the group behind the hacks was “Lace Tempest” – the nickname assigned to online extortionists who run the cl0p ransomware site.
In an email to Reuters, the “cl0p team” confirmed it was responsible for the breaches, saying “it was our attack” and that victims who refused to pay would be named on its website. The group did not immediately respond to a request for more details.
Boots employs over 50,000 people in Britain. British Airways has about 30,000 staff, and the BBC employs more than 21,000 people.
(Reporting by Raphael Satter in Washington, Sarah Young and Muvija M in London and Eva Mathews in Bengaluru; additional reporting by Kanishka Singh; Editing by Paul Sandle, Bill Berkrot and Leslie Adler)