Cyber attack 2023: BBC, BA and Boots issued with ultimatum by Russian cyber gang Clop
The Clop cyber gang has posted a notice on the dark web which warns firms affected by the Moveit hack to email them before June 14 or the stolen data will be published. The hack has affected more than 100,000 staff at BBC, British Airways and Boots who have been told payroll data may have been taken.
The post, seen by the BBC, reads: "This is announcement to educate companies who use Progress MOVEit product that chance is that we download a lot of your data as part of exceptional exploit."
Employers have been urged not to pay up if the hackers demand a ransom. The hack was first announced last week, analysts at Microsoft said on Monday they believed Clop was to blame, based on the techniques used in the hack.
The criminals found a way to break into a piece of popular business software called Moveit and were able to use this to get into databases of potentially hundreds of companies. Payroll services provider Zellis was one of its users, and confirmed that eight UK organisations have had data stolen as a result, including home addresses, national insurance numbers and, in some cases, bank details.
Zellis customers which has been breached include:
- British Airways
- Aer Lingus
The demands from the gang is an unusual tactic as usually demands are emailed to the victim. However, SOS Intelligence CEO Amir Hadžipasić says that Clop may not be able to keep up with the scale of the hack, telling the BBC: "My take is that they just have so much data that it is difficult for them to get on top of it all. They’re betting that if you know then you will contact them".