Zellis, a leading provider of payroll services for the UK and Ireland, has confirmed that it has suffered a software supply chain attack affecting well-known companies BA, the BBC and Boots.
The company released a statement confirming the incident. ‘We can confirm that a small number of our customers have been impacted by this global issue and we are actively working to support them. All Zellis-owned software is unaffected and there are no associated incidents or compromises to any other part of our IT estate.
‘Once we became aware of this incident we took immediate action, disconnecting the server that utilises MOVEit software and engaging an expert external security incident response team to assist with forensic analysis and ongoing monitoring. We have also notified the ICO, DPC and the NCSC in both the UK and Ireland. We employ robust security processes across all of our services and they all continue to run as normal’.
Kev Eley, VP Sales UK & Europe, LogRhythm, commented on the news: “Ransomware attackers are constantly going after bigger targets for bigger pay-outs and this is exactly what we are seeing within the recent attack on BA, the BBC and Boots. The breach shows that even well-established and trusted brands are not immune to ransomware attacks.
“The Russian-speaking ransomware group, Clop, has claimed responsibility for the breaches centred around the MOVEit file transfer software used by hundreds of UK companies, including BA, Boots and the BBC. The attack exposed critical employee personal data, including bank, national insurance and contact details to hackers. This highlights the growing vulnerability many companies are facing when it comes to sophisticated cyberattacks targeting flaws along their software supply chain.
“As a customer of BA myself, the safety of my data is a top concern. Organisations of all sizes need to recognise that ransomware attacks are a matter of ‘when’ not ‘if’ and must move from a reactive to a proactive cybersecurity strategy to stay ahead of relentless threats. A predictive approach that uses threat intelligence is absolutely crucial for gaining full visibility into the attack surface and quickly detecting the most pertinent network threats.
“Organisations need to ensure they’re keeping up with the latest security trends to know how to effectively defend their environment. The MOVEit file transfer vulnerability is a topic LogRhythm will be addressing in our Security Spotlight Series to keep more organisations safe.”