British Airways (BA) disclosed a cyber security breach, revealing that the personal data of its 34,000 UK-based employees, including contact details, National Insurance numbers, and bank details, has been exposed. This follows the recent exploitation of a zero-day vulnerability in the file transfer system, MOVEit, by cybercriminals. The system, a product of Progress Software, was instrumental in the breach that affected multiple global companies.
On June 5, UK payroll provider Zellis confirmed that eight of its clients had been impacted, with BA later announcing its involvement in the incident. BBC and healthcare chain Boots were also reported among the companies affected by the cyber attack, which was linked to a Russia-based hacking group.
British Airways stated, “We are one of the companies impacted by Zellis’ cybersecurity incident which occurred via one of their third-party suppliers called MOVEit. This incident happened because of a new and previously unknown vulnerability in the MOVEit file transfer tool.”
Meanwhile, a Zellis spokesperson confirmed that a limited number of their customers were affected by the global issue. They emphasized that all Zellis-owned software remained unaffected and that immediate action was taken, including disconnecting the server that uses MOVEit software and hiring an external security incident response team.
Source: www.scotsman.com
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.