Russian cyber gang’s MOVEit hack threatens global corporations, including BBC
A Russian cyber-extortion gang’s hack of a widely used file-transfer program, MOVEit, could have severe global consequences, with initial victims including the BBC, British Airways, and Nova Scotia’s government. Cybersecurity experts have warned that this could be one of the most significant breaches in recent years, with the true impact becoming clearer as more information emerges.
The Cl0p ransomware syndicate announced on its dark web site that its victims, potentially numbering in the hundreds, had until June 14 to negotiate a ransom or risk having sensitive stolen data dumped online. MOVEit is popular among businesses for securely sharing files, and although its parent company, Progress Software, issued a patch on May 31, many companies may have already had sensitive data exfiltrated.
Caitlin Condon, senior manager of security research at cybersecurity firm Rapid7, said, “There are undoubtedly organisations who don’t even know yet that they’re affected.” Condon added that a wide range of organisations across various sectors have been impacted by the attack, with more disclosures of data theft expected as regulatory reporting requirements come into play.
Zellis, a leading UK payroll services provider that serves British Airways, the BBC, and hundreds of other clients, confirmed that a “small number” of its customers were affected by the breach. British Airways and the BBC have both notified affected colleagues and are working to establish the extent of the breach. The UK chemist chain Boots and Nova Scotia’s government also confirmed they were among the victims.
The Cl0p ransomware group has previously breached other file-transfer programs to gain access to data for extortion purposes. The US Cybersecurity and Infrastructure Security Agency and the FBI issued a joint advisory stating that Cl0p has compromised more than 3,000 US-based organisations and 8,000 global organisations. The advisory warned of widespread exploitation of unpatched software services in both private and public networks due to the speed and ease of Cl0p’s operations.