2023-06-06 00:58:24
As a result of a widespread cyberattack, allegedly carried out by a Russian-speaking criminal gang, the personal details of thousands of people working for different UK-based companies have been hacked, raising fears about the possibility. of the attack spread to the United States. Workers at prestigious UK organizations such as British Airways, Boots and the BBC have been notified about a data breach involving Zellis. Zellis is the UK payroll provider responsible for managing the payroll requirements of more than half of the FTSE 100 companies. The breach exposed personally identifiable information, including names, dates of birth and national insurance numbers, among other things.
The hackers took advantage of an undiscovered flaw in software known as MOVEit, which transfers files between computers. This incident highlights the growing dangers businesses face from sophisticated cyberattacks targeting software supply chain issues. The incident highlights the growing danger posed by so-called “hack and leak” attempts, in which cybercriminals demand a ransom in exchange for a promise not to divulge important information.
The criminal organization known as Clop, suspected of being behind this attack, has a well-deserved reputation for demanding very high ransoms, often in excess of $1 million. Surprisingly, no organization has come forward to claim credit for the hack, leaving the motivation for the attack unknown.
It is well known that Clop finds flaws in secure file transfer software. The fact that such software often deals with some of a company’s most precious data makes these types of attacks very profitable. Experts in the field of information security have hypothesized that the organization’s operations are driven more by financial gain than political ideology.
Given the widespread use of MOVEit software in the United States, cybersecurity professionals believe that the effects of this attack could soon be seen across the country. It’s also important to note that regulatory disclosure tends to lag in the United States, suggesting that there may be an increasing number of victims as time goes on. According to the researchers’ hypotheses, companies in Canada and India could also be affected.
The Zellis attack is another worrying chapter in the growing trend of hack and leak operations. These attacks are carried out by cybercriminals, many of whom are based in Russia, who exploit flaws in the software to steal sensitive data and perhaps profit from it.
In response to the attack, Massachusetts-based technology company Progress, the company that developed MOVEit, suggested tweaking the software’s settings to prevent data leaks while waiting for a more effective update. Furthermore, the corporation fixed the security hole in its systems by releasing an updated version of its software.
Zellis has said that the rest of its software is not affected and that there have been no incidents or breaches in any other part of its IT property that is related to the vulnerability. The breach has been reported to the Information Commissioner’s Office in the UK, as well as the director of public prosecution and the National Center for Cyber Security.
The latest incident highlights the growing danger of cyberattacks, as well as the increasing susceptibility of corporations to breaches throughout their software supply chains. Both trends are highlighted by the current attack. Furthermore, this highlights the need for preventative measures, such as rigorous cybersecurity procedures, rapid response to incidents, and constant system updates. Additionally, it is now more important than ever that companies respond quickly to repair their systems and be prepared for the possibility of public data dumps.
It is vital to note that cybersecurity is not just an IT issue; rather, it is a key component of business strategy that affects all aspects of a company. This is especially important as organizations around the world become increasingly reliant on digital tools and procedures.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He has also worked for security companies such as Kaspersky Lab. His daily work includes investigating new malware and cybersecurity incidents. He also has a deep level of knowledge in mobile security and mobile vulnerabilities.
Send news tips to [email protected] or www.instagram.com/iicsorg/
You can also find us on Telegram www.t.me/noticiasciberseguridad
#MoveIT #software #vulnerability #leak #British #Airways #Boots #BBC #data