Clop ransomware group sets deadline for BA, Boots and BBC cyber attack victims
A cyber attack on companies such as British Airways and Boots has been attributed to the suspected Russian group Clop, which has issued a deadline for victims to negotiate before hacked data is published online. The attack targeted the MOVEit software, resulting in personal data of over 100,000 employees being compromised, including bank and contact details. Clop posted a notice on the dark web, instructing victims to email and negotiate with the group by June 14, according to the BBC.
In addition to British Airways and Boots, other victims of the cyber attack include the BBC, Aer Lingus, the University of Rochester in New York, and the government of Nova Scotia in Canada. Clop reportedly claimed that it has deleted any data from government, city, or police services, stating: “Do not worry, we erased your data you do not need to contact us. We have no interest to expose such information.”
Payroll software company Zellis, which utilised the MOVEit software, said that eight of its customers were affected by the cyber attack but did not disclose their names. Other Zellis customers include Jaguar Land Rover, Harrods, and Dyson. Potentially hundreds of companies using the popular MOVEit business software may have been impacted.
A weak link in MOVEit code, known as a zero-day vulnerability, allowed hackers to access its servers and the personal and financial data of employees. The group’s motivations remain unclear, but Clop claimed responsibility in an email to Reuters news agency on Monday.
A spokesperson for MOVEit said: “Our customers have been, and will always be, our top priority. When we discovered the vulnerability, we promptly launched an investigation, alerted MOVEit customers about the issue and provided immediate mitigation steps.” They added, “We are continuing to work with industry-leading cybersecurity experts to investigate the issue and ensure we take all appropriate response measures. We have engaged with federal law enforcement and other agencies with respect to the vulnerability.”