BBC, British Airways among big-name victims in MOVEit software hack

LONDON (AP) — Britain’s cybersecurity agency on Wednesday urged companies to be vigilant after the BBC, British Airways and other firms said their employees’ personal details may have been compromised in a software hack.

The companies were the first major victims after hackers successfully breached a popular file transfer software called MOVEit. The Clop ransomware group, thought to be based in Russia, has threatened on its dark web site that stolen data, including personal details such as names and home addresses, could be published.

“We are working to fully understand the U.K. impact following reports of a critical vulnerability affecting MOVEit Transfer software being exploited,” Britain’s National Cyber Security Center said in a statement.

“The NCSC strongly encourages organisations to take immediate action by following vendor best practice advice and applying the recommended security updates,” it added.

MOVEit is a program widely used by businesses to securely share files online. Zellis, a leading payroll services provider in the U.K. that works with British Airways and hundreds of others, was one of its users. Zellis said Monday a “small number” of its customers have been affected by the breach.

It is thought that hackers broke into the software and used that to get into the databases of potentially hundreds of other companies.

“This incident happened because of a new and previously unknown vulnerability in a widely used MOVEit file transfer tool,” British Airways said in a statement. “We have notified those colleagues whose personal information has been compromised to provide support and advice.”

Drugstore chain Boots, which employs more than 50,000 people, also said it has made staff aware of the breach.

BA and Zellis said they have reported the incident to Britain’s Information Commissioner’s Office.

Now you can read the Jamaica Observer ePaper anytime, anywhere. The Jamaica Observer ePaper is available to you at home or at work, and is the same edition as the printed copy available at


  1. We welcome reader comments on the top stories of the day. Some comments may be republished on the website or in the newspaper; email addresses will not be published.
  2. Please understand that comments are moderated and it is not always possible to publish all that have been submitted. We will, however, try to publish comments that are representative of all received.
  3. We ask that comments are civil and free of libellous or hateful material. Also please stick to the topic under discussion.
  4. Please do not write in block capitals since this makes your comment hard to read.
  5. Please don't use the comments to advertise. However, our advertising department can be more than accommodating if emailed:
  6. If readers wish to report offensive comments, suggest a correction or share a story then please email:
  7. Lastly, read our Terms and Conditions and Privacy Policy

Which long-term investment option is more attractive to you at the moment?