Boots, BA, BBC staff hit by cyber attack on payroll provider

The personal details of thousands of British Airways, BBC and Boots staff may have been stolen after a suspected Russia-linked cyber attack on the firms' payroll systems provider, according to a media report on Monday.

Source: Sharecast

BA has emailed many of its 34,000-strong workforce warning them of a “cyber security incident which has led to the disclosure of personal information about colleagues paid through British Airways’ payroll in the UK and Ireland”.

It warned that the compromised information includes names, addresses, national insurance numbers, banking details and other information after a hack on payroll provider Zellis.

Boots has emailed employees saying that staff’s names, surnames, employee numbers, dates of birth, email addresses, the first lines of their home address and national insurance numbers have been affected. It said a “very small number” of employees may have had other data compromised.

A BBC spokesman confirmed the broadcaster was also affected: “

Zellis provides payroll services to a large number of major companies including the NHS and Jaguar Land Rover. The hack has affected eight of its customers, the paper cited an unnamed source as saying.

Security researchers said the cyber attack appeared to be linked to a Russian-speaking cybercrime gang called Clop. Hackers have exploited a backdoor in a piece of software used by Zellis called MOVEit, which is used to transfer files.

Progress Software, the maker of MOVEit, first identified the vulnerability last week. It told customers to “take immediate action” and delete any unauthorised user accounts added by hackers.

Rafe Pilling, a principal researcher with cyber security company Secureworks, said his Counter Threat Unit team had observed the Russian-speaking Clop gang targeting vulnerable servers over the past few days, adding that the same gang was likely behind the British Airways and Boots attack.

A spokesman for Zellis said: “We can confirm that a small number of our customers have been impacted by this global issue and we are actively working to support them. All Zellis-owned software is unaffected and there are no associated incidents or compromises to any other part of our IT estate.”

“Once we became aware of this incident we took immediate action, disconnecting the server that utilises MOVEit software and engaging an expert external security incident response team to assist with forensic analysis and ongoing monitoring. We have also notified the ICO, DPC, and the NCSC in both the UK and Ireland.”

A spokesman for BA said: “We have been informed that we are one of the companies impacted by Zellis’ cybersecurity incident which occurred via one of their third-party suppliers called MOVEit. Zellis provides payroll support services to hundreds of companies in the UK, of which we are one.

“This incident happened because of a new and previously unknown vulnerability in a widely used MOVEit file transfer tool. We have notified those colleagues whose personal information has been compromised to provide support and advice.”
