A series of UK organizations were hacked.

BA, BBC and Boots said the problem occurred at payroll services provider Zellis. The Canadian province of Nova Scotia was also affected.

A series of UK organizations have been hit by a cyber attack and the total number of victims has been reduced to 1. — British Airways was also affected by the incident. Photo: Reuters

Data from Zellis and the Nova Scotia provincial government was exposed through their use of MOVEit file transfer software, both organizations said in separate statements. Zellis declined to say how many customers were affected.

British Airways said it had informed affected staff and was supporting them. Boots said the attack had collected some personal details of staff.

MOVEit has become the focus of concern in the security industry after its maker, Massachusetts-based Progress Software, disclosed a vulnerability last week that could allow hackers to intercept data exchanged through the program.

In a statement on Monday, MOVEit said it had fixed the vulnerability exploited by the hackers and was working with experts to investigate the issue "and ensure we take all appropriate response measures."

Microsoft said on Sunday it believed the group behind the hack was "Lace Tempest" - the nickname given to online extortionists who run the cl0p malware website.

In an email to Reuters, the "cl0p group" confirmed it was responsible for the hack, saying "it was our attack" and that victims who refused to pay would be named on their website.

Mai Anh (according to Reuters)

Source