British Airways Employees Data Stolen In MOVEit Transfer Hack

British Airways has announced its employees have been affected by the MOVEit Transfer hack with all UK employees affected.

Along with a number of big names like the BBC and Boots, the airline has warned staff that personal data like names, addresses, national insurance numbers and banking details may have been affected. No customer details seem to have been breached in the hack.

The team behind the cl0p ransomware site confirmed to Reuters it was responsible for the breaches, saying “it was our attack” and that those refusing to pay would be named on its website.

britishairways ee605d1252cec - Travel Radar - Aviation News
British Airways has announced its employees have been affected by the MOVEit Transfer hack. © British Airways Press Office

MOVEit Transfer Hack Via Zellis

Payroll provider, Zellis, announced the hack on Monday, telling sources that eight of its customers had been affected by the breach. While they didn’t name those involved, at least three large companies have claimed to be involved.

The hack has been linked to a widely-used software called MOVEit Transfer by Progress Software. Progress advertises the software as the leading secure Managed File Transfer (MFT) software used to provide complete visibility and control over file transfer activities.

Zellis has released a statement relating to the breach:

“Once we became aware of this incident we took immediate action, disconnecting the server that utilises MOVEit software and engaging an expert external security incident response team to assist with forensic analysis and ongoing monitoring. We have also notified the ICO, DPC, and the NCSC in both the UK and Ireland. We employ robust security processes across all of our services and they all continue to run as normal.”

The National Cyber Security Centre (NCSC) has also released a statement:

“We are working to fully understand UK impact following reports of a critical vulnerability affecting MOVEit Transfer software being exploited.

“The NCSC strongly encourages organisations to take immediate action by following vendor best practice advice and applying the recommended security updates.”

The Information Commissioner’s Office has also announced it is aware of the breach and will be launching an investigation.

hacked in a list of binary 1's and 0's as a hooded figure overlooks.
The Information Commissioner’s Office is aware of the breach and will be launching an investigation. © Gerd Altmann on Pixabay

What Should You Do If You’ve Been Breached?

Firstly, don’t panic. Your data has already been stolen, but there are a few things you can do to protect yourself from further issues.

Experian provides a good guide on what to do in the case of a breach, as does the NCSC.

What are your thoughts on this story? Have you been affected by a breach? Let us know in the comments.

Subscribe to our Weekly Digest!

More News

Emirates Crowned As APEX World Class Airline 2024

Emirates has been crowned the World Class Airline 2024...

Schiphol Airport Reduces Flight Numbers by 12,400 Next Summer

Schiphol Airport (AMS) has announced plans to reduce the...

Qatar Airways’ Frequency Increase Request Denied By Australian Authorities

Australian regulators have denied Qatar Airways' frequency increase request...

Portuguese Government Seeks At Least 51% Privatization For Flag Carrier, TAP

The Portuguese government has officially put its flag carrier,...
Megan Carmichael
Megan Carmichael
Web Editor - After a long stint in Tech, Megan took her leave and followed a passion of writing! Megan started writing a blog in 2017, on and off, fully committing in 2020 when there was nothing else to do during the lockdown. Since then she has published in Outdoor Magazines, written website content for online businesses and wrote feature pieces on Travel, Lifestyle, Freelancing and more.