According to reports, major organizations such as BBC, British Airways, and the government of Nova Scotia have fallen victim to a significant global hacking attack linked to supply chains. US and British cybersecurity officials have issued warnings, stating that a Russian cyber-extortion group has targeted a popular file-transfer program used by corporations, potentially impacting various industries including healthcare, finance, technology, manufacturing, insurance, and government.
Analysts suggest that this breach could be one of the most significant in recent years, and as more details emerge about the affected organizations, the full extent of the impact will become clearer.
The Cl0p ransomware syndicate, known for previous similar attacks, has given its victims a deadline to negotiate a ransom or face the release of stolen data. The targeted software in this attack is MOVEit, a widely used file-sharing program, with Progress Software as its parent company.
While a patch has been issued, there are concerns that sensitive data may have already been accessed by the hackers. The breach has affected numerous companies, including Zellis, a UK payroll services provider serving British Airways and the BBC.
The UK drugstore chain Boots and several government agencies are also among the impacted organizations. The US Cybersecurity and Infrastructure Security Agency and FBI have issued a joint advisory, estimating that Cl0p has compromised thousands of organizations globally and highlighting the need for patching vulnerable software to prevent further exploitation.