News broke on Monday that tens of thousands of employees at the BBC, British Airways, Boots, and Aer Lingus have had their details stolen due to a cyberattack on payroll service provider Zellis. Microsoft blamed the data breach on a Russian cybercriminal gang called Clop.
But now cybersecurity researchers are warning that this incident is far from over — the issue is much wider than previously thought and there are still serious consequences to come.
“Anyone that is running the MOVEit software should assume they might have been breached,” Rick Holland, the chief information security officer at global cybersecurity firm ReliaQuest told The Standard.
“Hopefully, everyone has kicked in their incidence response. According to our research, there are more than 1,000 servers [in the world] running unpatched versions of the software.”
He added that Clop essentially has a “treasure trove” of stolen information to sift through. They will go after large organisations that have the money to pay, but it could take a while before victims are notified or discovered that their data is compromised.
But now cybersecurity researchers are warning that this incident is far from over — the issue is much wider than previously thought and there are still serious consequences to come.
“Anyone that is running the MOVEit software should assume they might have been breached,” Rick Holland, the chief information security officer at global cybersecurity firm ReliaQuest told The Standard.
“Hopefully, everyone has kicked in their incidence response. According to our research, there are more than 1,000 servers [in the world] running unpatched versions of the software.”
He added that Clop essentially has a “treasure trove” of stolen information to sift through. They will go after large organisations that have the money to pay, but it could take a while before victims are notified or discovered that their data is compromised.