Security News > 2023 > June > British Airways, Boots, BBC payroll data stolen in MOVEit supply-chain attack
British Airways, the BBC, and UK pharmacy chain Boots are among the companies whose data has been compromised after miscreants exploited a critical vulnerability in deployments of the MOVEit document-transfer app.
Instead, payroll services provider Zellis on Monday admitted its MOVEit installation had been exploited, and as a result "a small number of our customers" - including the aforementioned British trio - had their information stolen.
We cannot disclose information on our MOVEit Transfer and MOVEit Cloud customers.
British Airways, which has about 35,000 employees, confirmed that it was one of the victims in what is now looking like yet another major supply chain attack.
"We have been informed that we are one of the companies impacted by Zellis' cybersecurity incident which occurred via one of their third-party suppliers called MOVEit," a British Airways spokesperson told The Register.
Both British Airways and Zellis said they had reported the intrusion to the UK Information Commissioner's Office, and Zellis notified the privacy watchdog's counterpart in Ireland as well as British cyber-police.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/06/05/british_airways_boots_moveit/
Related news
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- Blue Yonder ransomware attack disrupts grocery store supply chain (source)
- OpenWrt orders router firmware updates after supply chain attack scare (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- Ultralytics Supply-Chain Attack (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)