Russian hacker group C10p breaches payroll titan Zellis, endangering numerous British corporations

Pixabay

A cyber shockwave has struck the United Kingdom as major corporations, including British Airways, Boots, and the BBC, revealed that their payroll services provider, Zellis, fell prey to a ruthless cyber onslaught on June 5, 2023. The infamous Russian ransomware group C10p took credit for the attack, exploiting a loophole in the widely-used MOVEit file transfer software.

On the very next day, C10p flaunted their victory on the darknet, declaring they had intelligence on "hundreds of companies," and served an ultimatum to the compromised organizations. They demanded negotiations for a ransom by June 14, 2023, threatening to expose the stolen data otherwise, BBC reported.

As the week unfolded, more companies reluctantly admitted that they too were victims of the hack, either through their connection to Zellis or their direct use of the MOVEit software. Among the casualties, DHL confirmed that their UK payroll data, including extensive personal details of their employees, may have been compromised.

Meanwhile, Transport for London (TfL) acknowledged that a contractor who employed MOVEit was also caught up in the cyber turmoil. However, they stressed that customer information and banking details remained safe.

Telecommunications regulator Ofcom confirmed that confidential data concerning their regulated companies, as well as personal data of 412 employees, was seized in the cyber raid.

Big-four accounting firm Ernst & Young (EY) also admitted to being affected by the hack. Although they assured the majority their MOVEit-enabled systems were unaffected, they acknowledged potential data breaches and are alerting the affected parties.

Despite the turmoil, Ofcom responded swiftly by alerting affected companies and contacting the data and privacy watchdog, the Information Commissioners Office (ICO). They reassured that none of their own systems were compromised and no payroll data was exposed.

Transport for London (TfL) and Ernst & Young (EY) also emphasized their immediate action to bolster security and investigate potential data breaches. Both assured their commitment to communicating with those impacted and safeguarding their data.

As the fallout continues, it's evident that this cyber breach has exposed an alarming vulnerability in a critical global software, underscoring the urgent need for more stringent cybersecurity measures.