A vulnerability in the MOVEit file transfer software has allowed a group of hackers to steal the data of thousands of employees.
In 24 hours, the famous media group BBC, the airlines British Airways and Aer Lingus or the province of Nova Scotia in Canada, all suffered a cyberattack at the same time. Since June 5, the list of victims has grown after the discovery of a vulnerability in the MOVEit transfer software. The flaw had been revealed by the specialized media Bleeping Computer.
The US company behind the product, Progress Software, says hackers have found a way to break into MOVEit. Over 3,000 organizations use this software. The first targets noticed large downloads or unexpected backups on their system. We do not yet know the nature of all the stolen data. In an email sent to employees, the BBC said the information stolen included identification numbers, dates of birth, home addresses and Social Security numbers.
An HR software company as a starting point
Most of the attacks were carried out from an operation against Zellis, an HR management software used by many groups in the UK and Ireland. The hackers were then able to recover the client files thanks to the MOVEit flaw.
Microsoft found that the Cl0p ransomware group was behind this wave of cyber attack. The cybercriminals do not really hide it since they admitted it themselves to the journalists of Bleeping Computer. This collective of hackers steals data before demanding a ransom from its victims.
Cl0p already took advantage in 2023 of another flaw, also in file transfer software, launching cyberattacks against several thousand companies. The hackers managed to steal the data of more than a hundred organizations. It would seem that the group is particularly attentive to flaws in business software. The Progress Software company advises all its customers to update its product.
Do you want to know everything about the mobility of tomorrow, from electric cars to pedelecs? Subscribe now to our Watt Else newsletter!