A vulnerability in the MOVEit file transfer software has allowed a group of hackers to steal the data of thousands of employees.
In 24 hours, the famous media group BBC, the airlines British Airways and Aer Lingus or the province of Nova Scotia in Canada were all hit by a cyber attack at the same time. Since June 5, the list of victims has grown after the discovery of a vulnerability in the MOVEit transfer software. The error had been revealed by the specialized media Beeping computer.
The American company behind the product, Progress Software, says that hackers have found a way to break into MOVEit. More than 3,000 organizations use this software. The first targets noticed large downloads or unexpected backups on their system. We do not yet know the nature of all stolen data. In an email to employees reported the BBC that the stolen information included identification numbers, dates of birth, home addresses and social security numbers.
An HR software company as a starting point
Most of the attacks came from an operation against Zellis, an HR management software used by many groups in the UK and Ireland. The hackers were then able to recover the client files thanks to the MOVEit error.
Microsoft found it that the Cl0p ransomware group was behind this spate of cyberattacks. The cybercriminals are not really hiding it as they themselves admitted it to the journalists of Beeping computer. This hacker collective steals data before making ransom demands from victims.
Cl0p already took advantage of another flaw in 2023, including in file transfer software, and launched cyberattacks against several thousand companies. The hackers managed to steal the data of more than a hundred organizations. It seems that the group is especially alert to flaws in business software. Progress Software Reports all his customers to update his product.
Subscribe for free to Artificials, our AI newsletter, designed by AIs, verified by Numerama!