2023-07-22 01:00:17
Tens of thousands, if not hundreds of thousands, of employees are believed to have been affected by a cyberattack that took place in June 2023. The attack used a flaw in a file transfer program called MOVEit that was distributed by Progress Software to gain access to companies’ information technology systems.
Zellis, a company that provides payroll services to corporations in the UK including British Airways (BA), BBC, Boots and DHL, is one of the organizations that have been affected by this issue. As a direct consequence of the Zellis hack, personally identifiable information has been obtained from current and former employees of BA, BBC, Boots and DHL. Zellis has published a statement confirming that it has been the victim of a data breach, which has affected some of its clients. Since then, British Airways, the BBC, Boots and DHL have notified those workers and former employees whose personal information was compromised that they have been hacked.
The following are part of the data breach:
In the case of DHL, this includes the workers’ DHL payroll number, first name, last name, date of birth, national insurance number, first line of address, start date of employment, end date of employment (for those leaving), start date of employment and first line of address.
The fact that this cyberattack is quite similar to others carried out by the infamous Russian C10p (Clop) ransomware gang has led IT experts to conclude that the group is responsible for the attack. In addition, Clop has posted a warning on their darknet website stating that they have exploited vulnerabilities in the MOVEit software to steal data from “hundreds of companies.” They have told the affected organizations to contact them to reach an agreement on a ransom payment, or else they would start divulging the material they have stolen. After the deadline expired, Clop began publicly identifying the corporations and exposing the data they have stolen. To this day it seems they have been unable to identify Zellis, BA, BBC, Boots or DHL.
Emsisoft researchers have been tracking the number of companies involved. They have discovered that at least 383 organizations have been affected and, as a consequence, the information of 20,421,414 people has been compromised.
This week, many organizations in Maine confirmed the data that was accessible through MOVEit by filing documentation with state regulatory authorities. Some banks and other financial institutions have reported that hundreds of thousands of their customers have been compromised, while other, more prominent companies have verified data breaches with fewer people affected.
Only a small number of people whose data was stolen by MOVEit are expected to pay compensation, according to estimates provided by Coveware. Despite this, it is still anticipated that Clop would acquire between $75 and $100 million from these payments alone, which is not surprising considering the huge ransom demands.
According to Coveware, “the CloP group is likely to make between $75 and $100 million from the MOVEit campaign alone,” and that total comes from only a small number of victims who succumbed to extremely expensive payouts. “The CloP group is likely to earn between $75 million and $100 million from the MOVEit campaign alone.”
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He has also worked for security companies such as Kaspersky Lab. His daily work includes investigating new malware and cybersecurity incidents. He also has a deep level of knowledge in mobile security and mobile vulnerabilities.
Send news tips to [email protected] or www.instagram.com/iicsorg/
You can also find us on Telegram www.t.me/noticiasciberseguridad
#Clop #Ransomware #Hacked #DHL #Claiming #Million #Victims #Million #Profit