A gang of Russian-speaking cyber criminals are accused of launching a massive hack that saw the personal details of tens of thousands of BBC, British Airways and Boots staff exposed in a major security scare.
Staff at the British broadcaster are said to be ‘jumpy’ about the data breach linked to its Bristol-based payroll provider Zellis, which could mean that the Corporation’s major stars including Gary Lineker, Naga Munchetty and Amol Rajan have had their contact and bank details revealed.
Security experts claimed that the attack is thought to have been caused by Russian-speaking cybercrime gang Clop, which the Mail on Sunday newspaper previously revealed was responsible for stealing confidential information held by some of Britain’s police forces.
Rafe Pilling, of the US cybersecurity firm Secureworks, said last night: ‘Victims will be contacted and asked for money. If they refuse, they will probably be listed and published on the Clop site.’
Hackers from the Russian-speaking cyber gang Clop are said to be behind the attack that has affected thousands from the BBC, Boots and British Airways
BBC stars, such as Gary Lineker, could be amongst those 21,000 employees affected by the attack
Last night, bosses at BA wrote to their 34,000 workforce warning them of the breach
It is thought that the Russian hackers were able to exploit a flaw in a software app called MOVEit Transfer, used by companies worldwide to transfer files – as businesses scramble to find out how much data has been stolen in the breach which could have affected 100,000 people.
Bosses at BA wrote to their 34,000-strong workforce yesterday warning them of the breach.
Criminals exploited software vulnerabilities at Zellis to win access to the details of eight of its clients.
Home addresses, bank details and national insurance numbers have all been stolen.
The BBC employees more than 21,000 people. One insider told The Times: ‘Anyone who has had any interaction with payroll has potentially been caught up in this.
‘It will have affected a lot of people.’
An email to staff, seen by the newspaper, the BBC’s chief financial officer Alan Dickson said: ‘Please be vigilant for any activity that seems unusual. These types of incidents can expose individuals to a higher risk of being victim to scams, identity fraud and unsolicited contact.’
The BBC told MailOnline: ‘We are aware of a data breach at our third-party supplier, Zellis, and are working closely with them as they urgently investigate.
‘We take data security extremely seriously and are following the established reporting procedures.’
It is understood that the data breach did not include the bank account details of BBC staff.
Boots, which has 50,000 staff, said a ‘global data vulnerability’ was responsible for the breach
An insider at the BBC, said staff were ‘jumpy’ about the situation. It could affect the corporation’s biggest stars, such as Naga Munchetty
A spokesman for Boots, which has 50,000 staff, said: ‘A global data vulnerability, which affected third-party software used by one of our payroll providers, included some of our team members’ personal details.
Our provider assured us that immediate steps were taken to disable the server, and as a priority we have made our team members aware.’
Zellis said in its own statement: ‘We can confirm that a small number of our customers have been impacted by this global issue and we are actively working to support them.
‘There are no associated incidents or compromises to any other part of our IT estate.’
The Information Commissioner’s Office and the pensions ombudsman are assessing the situation.
The Data Protection Commission and National Cyber Security Centre have also been informed.
Some of the BBC’s biggest names, such as Amol Rajan, may have been affected by the breach
The cyber attack targeted Zellis, a payroll provider used by hundreds of companies in Britain [Stock image]
There has been a sharp rise in the number of incidents linked to Russia since it invaded Ukraine in February 2022.
Emma Whitmore of Edgio, a security software group, said the latest attack showed that no organisation was safe from the hackers.
It comes after outsourcing firm and government contractor Capita was recently affected by a cyber-attack that saw some customer, supplier and staff data accessed by hackers.
Capita said it faces a bill of up to £20 million to deal with the incident, including for recovery and remediation costs and to invest in reinforcing its cyber security defences.
British Airways suffered a data hack in 2018, when the attacker is believed to have potentially accessed the personal data of approximately 429,612 customers and staff.
It included the names, addresses, payment card numbers and the three digits on the back of cards of 77,000 customers, and card numbers only for 108,000 customers.
The airline was fined £20 million by the ICO after investigators found it should have identified the security weaknesses that enabled the attack.