British Airways, Boots staff data compromised by payroll hack
(Reuters) — British Airways and retailer Boots said their staffs were among those hit by a cyberattack on Zellis, a payroll provider used by hundreds of companies in Britain.
British Airways, owned by IAG, said it had notified affected employees and was providing them with support.
“We have been informed that we are one of the companies impacted by Zellis' cybersecurity incident which occurred via one of their third-party suppliers called MOVEit,” BA said in a statement Monday.
Part of the Walgreens Boots Alliance, Boots said the attack had included some of its employees' personal details.
“Our provider assured us that immediate steps were taken to disable the server,” Boots said.
Boots employs over 50,000 people in Britain, while British Airways has about 30,000 staff.
U.S. security researchers warned Thursday that hackers had stolen data from the systems of a number of users of file transfer tool MOVEit Transferone one day after the maker of the software disclosed that a security flaw had been discovered.
The compromised data includes names, addresses and national insurance numbers, according to the Daily Telegraph, which first reported which companies had been affected by the breach.
