A group of hackers that has targeted the Clop ransomware gang has been linked to a new wave of mass-hacks affecting numerous organizations, including the British Broadcasting Corporation (BBC), British Airways, and the Nova Scotia government. These cyberattacks target MOVEit Transfer, a commonly used file transfer tool, and allow unauthorized access to affected servers. Progress Software, the developer of MOVEit, has already released some patches. One of MOVEit’s corporate customers, Zellis, a payroll provider, confirmed that its system was compromised, and one of its customers, British Airways, reported that the breach included the payroll data of all its UK-based employees whose personal information has been compromised. The security researchers have attributed these cyberattacks to a group they track as “Lace Tempest,” who have used similar vulnerabilities in the past to steal data and extort victims.
