Lawyer Warns MOVEit Ransomware Attack Victims to Not Engage with Hackers

Following the disclosure of the MOVEit cyberattack, the Cl0p group released a notice on the dark web instructing affected individuals to engage. However, Christine Sabino, Legal Director at Hayes Connor, a leading UK law firm specialising in data breaches, advises victims to not interact with the group.

In the wake of a malicious cyber-attack targeting the MOVEit file transfer software, numerous well-known brands have fallen victim, leading to the exposure of sensitive data and placing their employees at risk of identity theft and other serious consequences.

The Cl0p group has since confirmed their involvement and has instructed affected individuals to email them before June 14th to avoid the publication of stolen data.

A detailed blog post with poor English was discovered by the BBC which aims to inform companies using the Progress MOVEit product that their data may have been downloaded. It further encourages affected organisations to initiate negotiations to the gang through their darknet portal.

British Airways, the BBC, and Boots have emerged as prominent victims in the aftermath after using Zellis, a reputable UK-based human resources software and payroll provider. As a result, their payroll data has been compromised.

Christine Sabino urges affected parties to not engage with the Cl0p group, emphasising the potential for further harm that such interactions may bring.

Christine says, “Given the severity of the MOVEit data breach, it is crucial that victims exercise caution and refrain from any form of engagement with the hackers. Interacting with these individuals can potentially exacerbate the situation and expose victims to further harm.

“It is strongly advised to seek professional legal assistance and cooperate with the ICO and the police to mitigate the impact of the breach and protect the affected parties”.

Christine believes the incident serves as a stark reminder of the risks posed by cyberattacks and the urgent need for robust data protection measures.

The exact scope of the breach and the specific number of affected employees has not been disclosed. However, both the BBC and Boots, which are large organisations with 50,000 staff, have confirmed being impacted by the breach.

It is also confirmed that a mixture of details, including company IDs, national insurance numbers, contact details, and bank details, may be exposed. Alone, the exposure of these individual components may not necessarily pose too much danger, but together they paint a picture of a person’s life, putting victims at huge risk of exploitation, leading to financial loss and emotional turmoil.

Christine anticipates that the ransomware gang behind the recent breach may engage in digital extortion, leveraging the stolen data for malicious purposes.

She explains, “Digital extortion, is an act employed by cybercriminals that involves coercing individuals or companies into paying a ransom in exchange for regaining access to stolen cyber assets.

“These assets encompass personal information, critical business operations, or financial interests, including documents and database files. The exploitation of such data through data breaches can lead to dire consequences for both individuals and organisations.

“Personal information, even in small fragments like names, dates of birth, or national insurance numbers, can lead to identity theft, resulting in financial losses, and reputational damage. However, in this case, where there’s a combination of data shared, the risk is maximised for the employees whose data has been exposed.  

“It is clear many of the companies involved are taking the incident very seriously, as communication lines with employees affected have already been quite open. That said, for those affected, this will no doubt be a very stressful time, so seeking the support of experts to help mitigate the damage is advised.

“What’s more, in light of this alarming incident, it is crucial for businesses to implement stringent data security measures and maintain transparency with their customers, partners, and employees. By doing so, organisations can mitigate risks, safeguard sensitive data, and demonstrate their commitment to protecting individuals’ privacy.

“There are so many moving parts, and a number of different parties involved, that it makes it tricky to ascertain who is to blame, and who will ultimately bear responsibility, at this early stage.”