Connect with us

Hi, what are you looking for?



Hackers Issue ‘Ultimatum’ Over Payroll Data Breach

The Clop ransomware gang issued “an ultimatum” companies targeted in a recent large-scale hack of payroll data

A cybercrime gang reportedly based in Russia has issued “an ultimatum” to British and other companies targeted in a recent large-scale hack of payroll data, the BBC reported on Wednesday.

The Clop group has been blamed by cybersecurity experts for the breach announced last week, which saw payroll data of more than 100,000 staff stolen at firms including the BBC, British Airways and high street pharmacy Boots.

The hacking gang is now said to have posted a notice on the dark web in broken English warning those affected to email them before June 14 or face the private data being published, the BBC said.

“This is announcement to educate companies who use Progress MOVEit product that chance is that we download a lot of your data as part of exceptional exploit,” a blog post purportedly by Clop stated, according to the broadcaster.

It went on to urge victim organizations to send an email to the gang to begin a negotiation on its dark web portal, it added.
Employers are being urged not to pay up if the hackers demand a ransom, it said.

Hackers accessed the data by breaking into a popular business software service called MOVEit and used that access to breach databases of potentially hundreds of companies.

Those also targeted include Irish airline Aer Lingus, the government of the Canadian province Nova Scotia and the University of Rochester in the United States.

Advertisement. Scroll to continue reading.

The UK’s leading payroll provider Zellis said this week that eight of its customers had been affected by the “global issue”, which may have exposed personal information, including names, addresses, and banking details.

Analysts at Microsoft said on Monday they believe Clop was to blame, based on the techniques used in the hack.

Read: Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...