Categories: CyberCrimeSecurity

Ofcom Hit By MOVEit Extortion Hack

Media regulator Ofcom has confirmed it was affected by the mass hack on Progress Software’s MOVEit secure transfer tool by a Russian ransomware gang.

Ofcom said confidential data about some of the companies it regulates had been compromised, along with personal information on 412 employees.

Transport for London and accountancy firm Ernst & Young (EY) said they were also affected by the hack on MOVEit, which is used by companies around the world to transfer sensitive data.

The Clop ransomware group has issued a deadline of Wednesday for hacked companies to begin negotiations via email, or they will begin releasing data on their darknet ransomware extortion site.

Mass hack

Ofcom said it had taken immediate action to prevent further use of MOVEit and to implement security measures.

The regulator said it “swiftly” alerted all of the companies it regulates and is offering support and assistance.

“A limited amount of information about certain companies we regulate – some of it confidential – along with personal data of 412 Ofcom employees, was downloaded during the attack,” the regulator said.

“We took immediate action to prevent further use of the MOVEit service and to implement the recommended security measures. We also swiftly alerted all affected Ofcom-regulated companies, and we continue to offer support and assistance to our colleagues.”

Investigation

The regulator clarified that the data was downloaded from the hacked MOVEit servers and that Ofcom’s own systems were not breached.

Transport for London (TfL) said its data was affected via a contractor who used MOVEit.

It said the IT systems involved have been secured and that the data in question did not include banking details or passenger data.

EY said the vast majority of its systems that used MOVEit were unaffected but that it is “manually and thoroughly investigating systems where data may have been accessed”.

“Our priority is to first communicate to those impacted, as well as the relevant authorities. Our investigation is ongoing,” EY said.

Ransom

British Airways, Aer Lingus, the BBC and Boots said last week that they were affected by the hack as the MOVEit tool is used by their services provider Zellis.

Ryan McConechy, chief technology officer of Barrier Networks, said the attack was likely to go down as “one of this year’s mega cyberattacks” but he said it was unlikely firms would be tempted to pay the Clop gang to keep their data secure, in part because of the wide publicity around the crime.

“Firstly, this would harm their reputations among the wider public for engaging with Russian cybercriminals, while, secondly, the reality is this data is now in the hands of criminals, and whether a ransom is paid or not, there are never any guarantees it will be deleted,” McConechy said.

He said the priority for affected companies is now remediation, including securing their systems and being “extra vigilant” for scams that might be carried out using the stolen data.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Workers Killed In Fire At South Korean Battery Plant

At least 22 workers killed in fire at lithium battery plant near Seoul after chain…

2 hours ago

EU Finds Apple In Breach Of DMA Competition Rules

European Commission finds Apple in breach of DMA competition rules in first decision under new…

3 hours ago

Apple Delays AI Features In EU Over DMA Rules

Apple to delay launch of AI and two other new features in EU, arguing new…

9 hours ago

US Government Prepares TikTok Lawsuit Over Child Privacy

US Department of Justice prepares lawsuit alleging TikTok violated child data privacy laws, as company's…

10 hours ago

US Publishes Draft Rules On China AI, Chip Investment

US publishes draft rules governing investments into AI, other emerging technologies in China amidst political…

10 hours ago

China-Linked Shein Faces Uphill Battle For IPO In US Or UK

China-founded fast-fashion company Shein faces political resistance in search for IPO venue, as major investors…

11 hours ago