Payroll Provider Zellis Targeted by MOVEit Cyber Breach

  • Cybersecurity
  • 06.06.2023 11:40 am

Payroll services provider Zellis has been targeted by the MOVEit cyber breach, confirming that data from eight client firms has been stolen.

British Airways, the BBC, Boots and other major organisations have also had personal data and bank details compromised following the exploitation of a zero-day flaw in the file transfer system MOVEit.

The BBC has warned employees of stolen data including staff ID numbers, home addresses, national insurance numbers and dates of birth, while other firms have warned of bank details being compromised following the breach.

Reports of the attack first surfaced last week following a zero-day vulnerability in MOVEit, built by Progress Software, with organisations continuing to discover the extent of the breach and warning staff of potential data loss.

Thousands of firms have been impacted by the breach.

Achi Lewis, Area VP EMEA for Absolute Software, commented: “Prevention of cyber-attacks is always the preference, but supply chains add additional risk to an organisation’s cyber protections, providing threat actors with an extra way in beyond internal defences. Supply chain attacks can be a lucrative attack method for cybercriminals due to the knock-on impact a breach can have on multiple targets and represents an area of risk that organisations must factor into detection and prevention strategies.”

“The MOVEit attack highlights once again the ongoing threat of ransomware and the need for organisations to ensure not only cyber resiliency, but the capacity to avoid downtime and repair critical IT systems. Utilising remote controls can enable centralised teams to freeze, and shut off, compromised devices and applications to prevent further access to a network, while self-healing technology offers a means of repair.”

“Through self-healing technology, organisations can lock vulnerable devices, automatically updating core systems, including cyber protections, in order to help get back online quickly and safely. Ensuring ongoing protection against recurring attacks is an important step in recovery, allowing staff to continue operations while protected and preventing weeks, months, or even years, of continual system damage,” Lewis continued.

A spokesperson from the National Cyber Security Centre said: “We are working to fully understand UK impact following reports of a critical vulnerability affecting MOVEit Transfer software being exploited.”

“The NCSC strongly encourages organisations to take immediate action by following vendor best practice advice and applying the recommended security updates.”
