Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Evening Standard
Evening Standard
World
Sami Quadri

British Airways, BBC and Boots staff hit in major payroll cyber attack 'linked to Russia'

Tens of thousands of staff at British Airways, BBC and Boots may have had their details stolen in a suspected Russian-linked cyber attack.

BA bosses emailed staff on Monday morning warning them that their details may have been compromised due to a “cyber security incident” which has led to the “disclosure of personal information about colleagues paid through British Airways’ payroll in the UK and Ireland”.

Boots has also told employees that their names, surnames, employee numbers, dates of birth, email addresses, the first lines of their home address and national insurance numbers may have been affected.

Zellis, which provides payroll support services to hundreds of companies across the UK, confirmed that it has been the victim of a data breach.

A spokesperson for BA said: “We have been informed that we are one of the companies impacted by Zellis’ cybersecurity incident which occurred via one of their third-party suppliers called MOVEit.

“Zellis provides payroll support services to hundreds of companies in the UK, of which we are one. This incident happened because of a new and previously unknown vulnerability in a widely used MOVEit file transfer tool.

"We have notified those colleagues whose personal information has been compromised to provide support and advice."

A BBC spokesman confirmed they were also affected by the hack.

A spokesman for the broadcaster said: “We are aware of a data breach at our third party supplier, Zellis, and are working closely with them as they urgently investigate the extent of the breach.

“We take data security extremely seriously and are following the established reporting procedures.”

A spokesman for Zellis said: “We can confirm that a small number of our customers have been impacted by this global issue and we are actively working to support them.

“All Zellis-owned software is unaffected and there are no associated incidents or compromises to any other part of our IT estate.

“Once we became aware of this incident we took immediate action, disconnecting the server that utilises MOVEit software and engaging an expert external security incident response team to assist with forensic analysis and ongoing monitoring.

“We have also notified the ICO, DPC, and the NCSC in both the UK and Ireland.

“We employ robust security processes across all of our services and they all continue to run as normal.”

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.