The BBC has been informed by cybercriminals that they do not own any information from significant UK firms that are rumoured to have been hacked in bulk.

Businesses like the BBC, British Airways, and Boots have informed personnel that private payroll information was stolen in the incident last month.

However, the hackers Clop now assert that “we don’t have that data” in an email.

It makes it more likely that either Clop is lying or that another unidentified hacker group has the stolen material.

In order to access the data of the BBC, Boots, and BA, hackers broke into Zellis, a UK payroll provider. Zellis stated it couldn’t comment since a police investigation was continuing.

To coerce the victims of its attack into paying a ransom, Clop has been publishing firm profiles of them since June 14th.

However, the names of any of the biggest and most well-known victims in the UK have not yet been revealed.

Nearly 50 victims’ names, websites, and business addresses have all been added by Clop in small batches to their darknet domain.

The organisations come from more than a dozen nations, including the US, Germany, Switzerland, the UK, Canada, and Belgium. They include banks, universities, travel agencies, and software companies.

Several of the businesses that Clop identified on their alleged “leak site” have independently acknowledged that they had experienced data theft.

If victims don’t pay the ransom, which is most likely to be in the hundreds of thousands of dollars or more in Bitcoin, Clop will expose the stolen data.

We don’t have that information,
Numerous firms that employed the file transfer programme MOVEit are believed to have had their data stolen.

This includes eight significant UK companies, including the BBC, BA, and Boots, which were clients of Zellis, which was also compromised by MOVEit.

However, in an email conversation with the BBC, the cybercriminals continually denied stealing the Zellis data.

“We don’t have that information, and we let Zellis know. Simply put, we lack it. We are a seasoned squad and have never misled anyone; if we state that we are missing information, we are missing it, the hackers argued.

We were given no further information from Zellis other than a reference to its prior statement, which read: “We can confirm that a small number of our customers have been impacted by this global issue and we are actively working to support them.”

The business claims that as soon as it learned about the intrusion, it acted right away to disconnect the computer server hosting the MOVEit software.

The company claims it has contacted the appropriate UK data authorities and has hired an expert outside security team to assist it in responding to the incident.

There are numerous options
Clop’s assertions, which further muddy an already complex scenario, perplex cyber security specialists.

Clop might be concealing the fact that they got the data as part of a selling transaction with another hacking gang, according to threat researcher Brett Callow from Emsisoft.

However, according to Clop, “we didn’t sell anything to other hackers.”

There are other options, according to other professionals.

Amir Hadipasi, the director of SOS Intelligence, stated that “Clop has no real reason to say they don’t have the data.”

“If they are telling the truth, it leads me to believe that some other hackers may have entered and stolen the data before Clop, and if Clop don’t have the data, then this situation is less predictable,” said the source. Another hacking organisation will likely use the files to end up somewhere on the darkweb, he continued.

The MOVEit creators, Progress Software, originally disclosed the exploit on May 31.

The thieves managed to break into MOVEit and used that access to gain access to the databases of perhaps hundreds of additional businesses.

However, since the first MOVEit disclosure, researchers have discovered many security flaws in the programme, raising the possibility that the data was taken by a different entity via a different method.

For “information linking the Clop gang or any other malicious cyber actors targeting US critical infrastructure to a foreign government,” the US offered a $10 million bounty on Friday.

Related Post :

Users of the Virgin Media email service experience frequent failure

The post Gang claimed to not have BBC, BA, or Boots data following the MOVEit breach appeared first on .