Sun 28 Apr 2024

 

2024 newspaper of the year

@ Contact us

News
TechnologyUKWorldScotlandHealthEducationTechnologyScienceEnvironmentBusinessHousing
Latest
Latest
8m agoHow a £1.5k gadget could rebuild the sex lives of prostate cancer survivors
Latest
3h agoInside the Home Office Rwanda revolt as officials run from Sunak’s ‘s**t show’
Latest
10h agoSunak claims migrants going to Ireland on small boats proves Rwanda plan works

Zellis cyber attack: Russian hackers threaten to leak BA, Boots and BBC staff data unless ransom is paid

'Paying ransoms to cyber criminals does not guarantee that all the data will be returned,' experts warned

File photo dated 21/01/20 of the BBC Broadcasting House in London. A cybercrime gang that is thought to be based in Russia has warned major British companies employing more than 100,000 staff to email them before June 14 or stolen data will be published. Issue date: Wednesday June 7, 2023. PA Photo. According to the BBC, whose employees were victims in the hack, the Clop group made the threat in broken English on the dark web. Also targeted in the hack were the payrolls of British Airways, Boots, Aer Lingus, Nova Scotia Government and the University of Rochester after the gang broke into a piece of popular business software called MOVEit and used that access to get into the databases of potentially hundreds of other companies. See PA story CITY Cyber. Photo credit should read: Ian West/PA Wire
Targeted in the hack were the payrolls of the BBC, British Airways, Boots, Aer Lingus, Nova Scotia Government and the University of Rochester after the gang broke into a piece of popular business software called MOVEit and used that access to get into the databases of potentially hundreds of other companies (Photo: Ian West/PA)
author avatar image
By Nick Duffy
Weekend Breaking News Editor
June 7, 2023 3:16 pm(Updated June 8, 2023 10:35 am)

A Russian hacker group has issued an ultimatum to firms including British Airways, Boots and the BBC after stealing hordes of staff data from a payroll provider.

Clop, a Russian-speaking cybercrime gang, urged companies to get in touch by 14 June and settle a “price to delete” to avoid their data being exposed.

It was initially thought eight companies were impacted by the raid on payroll provider Zellis, first revealed on Monday, which exploited an unknown third-party file-sharing tool called MOVEit.

However, Clop – who experts believe are financially-motivated criminals rather than tied to the Russian state – claims to have “downloaded a lot of your data” from “hundreds of companies”.

A darkweb post from the group said: “We are the only one who perform such attack and relax because your data is safe. We are to proceed as follow and you should pay attention to avoid extraordinary measures to impact you company.”

The message did not include an explicit ransom demand but urged companies to get in touch “or else” to receive “proof of data we have and price to delete”, adding: “If no agreement… after 7 days all you data will start to be publication”.

In a sign that it was seeking to avoid becoming a target of state actors, the group said it had erased all data relating to “government, city or police service” because “we have no interest to expose such information”.

Read Next

Zellis cyber attack: British Airways, BBC and Boots staff have data stolen in breach
Technology

British Airways, BBC and Boots staff have data stolen in cyber breach

Read More

But Simon Newman, a member of International Cyber Expo’s Advisory Council, warned: “Paying ransoms to cyber criminals does not guarantee that all the data will be returned. In fact, in most cases, it’s extremely rare and may simply expose you to further ransomware attacks in the future.”

Javvad Malik, lead security awareness advocate at KnowBe4, added: “Cybercriminals know organisations cannot afford to lose critical data, causing undue pressure to pay large ransoms. This once again highlights the crushing effect of data breaches on modern organisations; a fact that hackers are acutely aware of.”

The data breach has been reported to the Information Commissioner’s Office by Zellis and several of the companies involved.

Martin Riley, director of managed security services at security firm Bridewell, told i previously there could be potentially enormous consequences for those found at fault for the breach, adding: “They’re more than aware of what the financial impacts may be for them.

“4 per cent of global revenues could be the maximum penalty for any of those organisations, so it could have significant commercial ramifications”.

Most Read By Subscribers