Ofcom, London
Riverside House in London, home of Ofcom. Image: Jim Linwood / Wikimedia Commons / CC BY 2.0

Confidential data downloaded from UK regulator Ofcom in cyberattack

Britain’s communications regulator Ofcom announced on Monday that confidential information which it held on companies it regulates was downloaded by hackers exploiting a vulnerability in the MOVEit file transfer tool.

A spokesperson for Ofcom told The Record that the regulator was “one of many organisations affected by the MOVEit cyberattack,” which has potentially impacted hundreds of organizations globally.

“A limited amount of information about certain companies we regulate – some of it confidential – along with personal data of 412 Ofcom employees, was downloaded during the attack,” the spokesperson said.

The ransomware group Clop, which Microsoft had initially warned was behind the attempts to exploit MOVEit, published an extortion note last week claiming that it used the bug to attack “hundreds” of businesses.

It warned that these victims needed to proactively contact the gang to negotiate a ransom, or they would be named on the group’s extortion site on June 14.

Independently of Clop’s claims, it is not known how many companies globally have been affected by the hacking campaign.

Last Thursday, security researchers identified more than 2,000 instances of the tool exposed to the public internet, with the majority in the United States.

There were 128 instances of MOVEit Transfer exposed to the internet from the U.K., although the number of companies impacted by the incident may be much higher.

The compromise of a single company using the tool, a payroll services provider called Zellis, has already been blamed for hackers compromising at least four businesses operating in Britain and Ireland, including the BBC, British Airways, Boots and Aer Lingus.

Ofcom’s spokesperson said the regulator took the security of commercially confidential and sensitive personal information “extremely seriously.”

“We took immediate action to prevent further use of the MOVEit service and to implement the recommended security measures. We also swiftly alerted all affected Ofcom-regulated companies, and we continue to offer support and assistance to our colleagues,” the spokesperson added.

The software company Progress, which develops the popular MOVEit tool, last week announced a second vulnerability affecting the software, following more announcements of breaches as a result of the program’s issues.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
What is Threat Intelligence
No previous article
No new articles
Alexander Martin

Alexander Martin

is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.