Provided by: RS Risk Solutions LTD
UK ORGANISATIONS HIT BY MASS CYBER-ATTACK
British Airways, health care company boots and the BBC are among thousands of firms to fall victim to a global cyber-attack. Several types of information were compromised, including contact details, home addresses, National Insurance numbers and banking details.
The origin of the attack is a file transfer system called MOVEit. Hackers broke into the transfer tool, which is designed to safely and securely move sensitive files. A flaw in the system allowed the hackers to gain access to information on a range of global companies.
Although the breach is still being investigated, a group called Lace Tempest – a nickname for the ransomware group known as Cl0p – may be behind the attack, according to Microsoft’s threat intelligence team.
A warning has been issued since the attack to firms using MOVEit, instructing them to download a security patch to stop further attacks from happening. “We are working to fully understand UK Impact following reports of a critical vulnerability affecting MOVEit Transfer software being exploited,” a National Cyber Security Centre (NCSC) spokesperson said. “The NCSC strongly encourages organisations to take immediate action by following supplier best practice advice and applying the recommended security updates,”
EMPLOYER ACTION
The MOVEit file transfer system breach reinforces the vital importance of robust cyber-security measures, especially when it comes to third-party software. Organisations of all types and sizes should scrutinise their cyber-security operations, including how they track and patch vulnerabilities in software.
Contact us for further cyber-security resources and insurance solutions.