Payroll provider Zellis, serving the UK and Ireland, has been targeted in a significant data breach due to the exploitation of a zero-day vulnerability in the MOVEit file transfer tool. Microsoft security researchers attribute the attack to Lace Tempest, a group affiliated with Clop ransomware. The hackers have issued a warning on the dark web, demanding impacted companies, including BBC, Boots, British Airways, and Aer Lingus, to get in touch by June 14, or the stolen employee data will be published. The vulnerability, discovered by Progress Software in MOVEit Transfer and MOVEit Cloud, poses a serious threat by granting escalated privileges and unauthorized access.
To address the vulnerability, a security patch is now available, and Progress Software has outlined recommended remediation steps. The impacted companies, including Zellis customers, are urged to download the patch and conduct scans to identify signs of unauthorized access in their environments. The threat extends beyond system security, prompting the need for companies to take immediate steps to protect their employees. British Airways, one of the impacted organizations, has notified affected colleagues whose personal information has been compromised, emphasizing the importance of providing support and advice.
As companies grapple with the aftermath of the breach, experts stress the need for thorough network scans and vigilant monitoring to identify potential signs of compromise or unauthorized access. Employees are recognized as essential in the detection of suspicious activity, and organizations are advised to inform their workforce promptly if there are concerns about the compromise of employee data. The data breach serves as a stark reminder of the ongoing challenges in maintaining robust cybersecurity measures and the critical role of timely response strategies to mitigate the impact of such incidents.
