5th June 2023 – (London) British Airways and retailer Boots have confirmed that their employees were among those impacted by a recent cyber attack on Zellis, a payroll provider that services hundreds of companies in the UK. In a statement released on Monday, British Airways, which is owned by IAG, stated that it had already notified affected employees and was providing them with support.
Zellis suffered a cybersecurity incident due to a breach that occurred via one of their third-party suppliers called MOVEit. According to reports, U.S. security researchers had warned on Thursday that hackers had stolen data from the systems of several users of MOVEit Transfer, just one day after the software maker had disclosed a security flaw.
One of the affected firms was Walgreens Boots Alliance, which owns the Boots chain of pharmacies. The company confirmed that some of its employees’ personal information was compromised but said that immediate steps were taken to disable the server.
Boots, which employs over 50,000 people in the UK, and British Airways, which has approximately 30,000 staff, are among the companies that use Zellis’ payroll services. The Daily Telegraph newspaper reported that national insurance numbers, names, and addresses were among the data exposed in the breach.