Her final text contained just a single word, but it haunts Jean Hanlon's (pictured) family to this day. 'Help', the message read.

Russian hackers are being held responsible for a massive cyber-security attack that saw the personal details of thousands of BBC, British Airways and Boots staff being exposed.

BBC staff are said to be ‘jumpy’ about the incident linked to its Bristol-based payroll provider Zellis. The breach could mean major BBC stars such as Gary Lineker, Naga Munchetty and Amol Rajan may have had their personal details revealed.

Businesses are now scrambling to find out how much employee data has been stolen in a huge breach thought to have affected more than 100,000 people.

Security experts said the attack, which also hit the provincial government of Nova Scotia in Canada amongst British businesses, is thought to have been caused by Russian-speaking cybercrime gang called Clop.

A flaw in a software app called MOVEit Transfer, used by thousands of companies worldwide to transfer files, is thought to have been responsible for the exploitation by cyber criminals.

Hackers from the Russian-speaking cyber gang Clop are said to be behind the attack that has affected thousands from the BBC, Boots and British Airways

Hackers from the Russian-speaking cyber gang Clop are said to be behind the attack that has affected thousands from the BBC, Boots and British Airways

Hackers from the Russian-speaking cyber gang Clop are said to be behind the attack that has affected thousands from the BBC, Boots and British Airways 

BBC stars, such as Gary Lineker, could be amongst those 21,000 employees affected by the attack

BBC stars, such as Gary Lineker, could be amongst those 21,000 employees affected by the attack

BBC stars, such as Gary Lineker, could be amongst those 21,000 employees affected by the attack

Last night, bosses at BA wrote to their 34,000 workforce warning them of the breach

Last night, bosses at BA wrote to their 34,000 workforce warning them of the breach

Last night, bosses at BA wrote to their 34,000 workforce warning them of the breach 

Bosses at BA wrote to their 34,000-strong workforce yesterday warning them of the breach.

Criminals exploited software vulnerabilities at Zellis to win access to the details of eight of its clients.

Home addresses, bank details and national insurance numbers have all been stolen.

The BBC employees more than 21,000 people. One insider told The Times: ‘Anyone who has had any interaction with payroll has potentially been caught up in this.

‘It will have affected a lot of people.’

An email to staff, seen by the newspaper, the BBC’s chief financial officer Alan Dickson said: ‘Please be vigilant for any activity that seems unusual. These types of incidents can expose individuals to a higher risk of being victim to scams, identity fraud and unsolicited contact.’

The BBC said: ‘We are aware of a data breach at our third-party supplier, Zellis, and are working closely with them as they urgently investigate.

‘We take data security extremely seriously and are following the established reporting procedures.’

It is understood that the data breach did not include the bank account details of BBC staff.

Boots, which has 50,000 staff, said a 'global data vulnerability' was responsible for the breach

Boots, which has 50,000 staff, said a 'global data vulnerability' was responsible for the breach

Boots, which has 50,000 staff, said a ‘global data vulnerability’ was responsible for the breach

An insider at the BBC, said staff were 'jumpy' about the situation. It could affect the corporation's biggest stars, such as Naga Munchetty

An insider at the BBC, said staff were 'jumpy' about the situation. It could affect the corporation's biggest stars, such as Naga Munchetty

An insider at the BBC, said staff were ‘jumpy’ about the situation. It could affect the corporation’s biggest stars, such as Naga Munchetty

A spokesman for Boots, which has 50,000 staff, said: ‘A global data vulnerability, which affected third-party software used by one of our payroll providers, included some of our team members’ personal details.

Our provider assured us that immediate steps were taken to disable the server, and as a priority we have made our team members aware.’

Rafe Pilling, of the US cybersecurity firm Secureworks, said last night: ‘Victims will be contacted and asked for money.

If they refuse, they will probably be listed and published on the Clop site.’

Zellis said in its own statement: ‘We can confirm that a small number of our customers have been impacted by this global issue and we are actively working to support them.

‘There are no associated incidents or compromises to any other part of our IT estate.’

The Information Commissioner’s Office and the pensions ombudsman are assessing the situation.

The Data Protection Commission and National Cyber Security Centre have also been informed.

Some of the BBC's biggest names, such as Amol Rajan, may have been affected by the breach

Some of the BBC's biggest names, such as Amol Rajan, may have been affected by the breach

Some of the BBC’s biggest names, such as Amol Rajan, may have been affected by the breach

The cyber attack targeted Zellis, a payroll provider used by hundreds of companies in Britain [Stock image]

The cyber attack targeted Zellis, a payroll provider used by hundreds of companies in Britain [Stock image]

The cyber attack targeted Zellis, a payroll provider used by hundreds of companies in Britain [Stock image] 

There has been a sharp rise in the number of incidents linked to Russia since it invaded Ukraine in February 2022.

Emma Whitmore of Edgio, a security software group, said the latest attack showed that no organisation was safe from the hackers.

It comes after outsourcing firm and government contractor Capita was recently affected by a cyber-attack that saw some customer, supplier and staff data accessed by hackers.

Capita said it faces a bill of up to £20 million to deal with the incident, including for recovery and remediation costs and to invest in reinforcing its cyber security defences.

British Airways suffered a data hack in 2018, when the attacker is believed to have potentially accessed the personal data of approximately 429,612 customers and staff.

It included the names, addresses, payment card numbers and the three digits on the back of cards of 77,000 customers, and card numbers only for 108,000 customers.

The airline was fined £20 million by the ICO after investigators found it should have identified the security weaknesses that enabled the attack.

MailOnline has contacted the BBC. 

Leave a Reply

Your email address will not be published. Required fields are marked *