Extortion demands feared after hacking spree hits British Airways, BBC and Nova Scotia
- BBC and British Airways among those caught up in an ongoing hacking campaign by an extortion gang
- Personal data was exposed following a wide-ranging breach centred on a popular file transfer tool
Cybersecurity experts are bracing for a potential wave of extortion demands after a vulnerability was discovered in encrypted file-sharing software, a flaw that hackers have already used to target a string of high-profile victims, including British Airways and the BBC.
Several companies and a Canadian province said on Monday that they were dealing with breaches related to the secure file transfer product MOVEit from Progress Software Corp, according to statements from several of the affected entities.
The vulnerability allowed hackers to steal files that companies had uploaded to MOVEit, according to Progress.
The flaw had prompted security alerts in recent days from the US Department of Homeland Security, the UK National Cyber Security Centre, Microsoft Corp and Mandiant, a subsidiary of Alphabet Inc’s Google Cloud.
Progress released a patch for the software last week.
“When we discovered the vulnerability, we promptly launched an investigation, alerted MOVEit customers about the issue and provided immediate mitigation steps,” spokesperson John Eddy said in a statement.