Ofcom confirms compromised data in mass hack

Ofcom has confirmed some information and “personal data” has been compromised in a mass hack.

Ofcom has confirmed some information and “personal data” has been compromised in a mass hack.

The media watchdog has revealed that confidential data about some companies regulates as well as personal information from over 400 employees has been downloaded as part of a mass hack linked to a Russian ransomware group which also impacted the BBC, Boots and British Airways.

In a statement, Ofcom said: “A limited amount of information about certain companies we regulate – some of it confidential – along with personal data of 412 Ofcom employees, was downloaded during the attack.

“We took immediate action to prevent further use of the MOVEit service and to implement the recommended security measures.

“We also swiftly alerted all affected Ofcom-regulated companies, and we continue to offer support and assistance to our colleagues.”

The hackers breached the MOVEit software, which is made to securely shift sensative files – including bank account details and employee addresses – around the world.

No payroll data is believed to have been compromised, and neither were its own systems.

MOVEit noted that as soon as it became aware of the issue, it “immediately launched an investigation into our use of the tool and took urgent steps to safeguard any data”.

While the majority of its systems using the software were unaffected, the firm said: “We are manually and thoroughly investigating systems where data may have been accessed.

“Our priority is to first communicate to those impacted, as well as the relevant authorities. Our investigation is ongoing.”