BBC staffers warned of payroll data breach. Other firms also affected by MOVEit vulnerability • Graham Cluley


BBC staff have been warned that a vulnerability in a software tool used by a payroll company could be exploited to put personal data in the hands of cybercriminals.

There are a lot of moving parts here, so here's a quick recap.

BBC – British Broadcasting Corporation. Its employees' data may have been exposed to cybercriminals.

IBM – Company that subcontracted work to Zellis.

Zellis – The company that managed the BBC's payroll services via IBM, apparently using a program called MOVEit Transfer.

Progress – Developer of MOVEit Transfer, a file transfer tool containing a critical vulnerability.

Cl0p – A Russian-speaking ransomware extortion group alleged to be involved in the breach.


According to the BBC, Zellis said it had seen no evidence that employee bank account details had been exposed in the data breach.

Even if that's true, enterprising criminals may still find plenty of opportunities for fraud, identity theft, and even plain extortion.

Zellis has many other corporate customers, including British Airways and UK high street pharmacy Boots, thousands of whose employees also appear to be affected.

It's important to realize that blaming the BBC, Boots, British Airways, IBM, or even Zellis for this data breach is like shooting the messenger: they are not really the ones at fault.

Progress, developer of the buggy MOVEit Transfer software, has some difficult questions to answer, and hopefully it will release a patch for this problem soon.

But ultimately the real bad guys in this story are the malicious hackers who have exploited the flaw to make a criminal fortune.

Organizations using MOVEit Transfer are wise to read the Progress security bulletin and take the recommended steps to mitigate the threat.

Unfortunately, if data has already been stolen, it falls to the affected companies to notify the individuals and businesses concerned and to report the incident to regulators.

Graham Cluley is a cybersecurity industry veteran who has worked for many security companies since the early 1990s, when he created the first version of Dr. Solomon's Anti-Virus Toolkit for Windows. He is now an independent analyst, makes regular media appearances, and is an international speaker on the subject of cybersecurity, hackers and online privacy.