BA staff details stolen in cyber breach

British Airways 777
By Lisa James
Home » BA staff details stolen in cyber breach

British Airways staff have had their banking and pay details exposed by hackers in a cyber security breach that has hit companies around the world.

Hackers were able to exploit a flaw in a file transfer system called MOVEit, used by UK-based payroll provider Zellis.

Zellis said eight of its clients had been affected. It did not name the companies, but BA has confirmed it was one of them.

The compromised information includes contact details, national insurance numbers and bank details, according to reports.

The Telegraph claims the attack is being linked to a Russia-based group.

A BA employee told the Mirror: “I woke up to an email to find out all my details needed to steal my identity have been stolen from my company.”

BA is understood to be working with IAG’s Group Security Operations Centre to mitigate any misuse of information and attempt to contain the issue as much as possible.

BA said: “We have been informed that we are one of the companies impacted by Zellis’ cybersecurity incident which occurred via one of their third-party suppliers called MOVEit.

“Zellis provides payroll support services to hundreds of companies in the UK, of which we are one.

“This incident happened because of a new and previously unknown vulnerability in a widely used MOVEit file transfer tool. We have notified those colleagues whose personal information has been compromised to provide support and advice.”

Zellis said: “We can confirm that a small number of our customers have been impacted by this global issue and we are actively working to support them.”

The Information Commissioner’s Office has been informed.

Share this article

Latest News