Aon data breach: MOVEit data hack exposes major corporations

With the MOVEit hack happening in June 2023, more companies continue to confirm that their data has been left compromised as a result of leaks

In the wake of Aon being embroiled in the MOVEit data hack, masses of data from notable organisations has been compromised.

Aon has been a victim of a third-party data breach through the file-transfer platform MOVEit with information from around 100 of its clients being published online. Clients affected include Dublin Airport, British Airways and Siemens Energy, to name a few.

This information comes in the wake of IT Governance confirming in May 2023 that more than 98 million records were compromised by cyber attacks worldwide - a 97% increase against May 2022 and a 2,156% increase from April 2023.

Compromised data as a result of global hacks

Dublin Airport confirmed that it was impacted by the breach, with a spokesperson telling The Times: “DAA can confirm that as a result of a recent cyber-attack on Aon, a third-party professional service provider, data relating to some employees' pay and benefits was compromised.”

Some financial information linked to Dublin Airport staff has been compromised by the cyberattack on provider company Aon. Whilst the airport has publicly attributed the cyberattack to Aon, the company itself has not issued a public statement at the time that this article is published.

The MOVEit hack has targeted a wide range of entities, including US government agencies, the UKs telecom regulator Ofcom, Shell Oil, and the University of California, Los Angeles, all of which have publicly confirmed data breaches.

Even energy technology company Siemens Energy acknowledged it had fallen victim to the vulnerability. In addition, French engineering company Schneider Electric has said that it was investigating its systems for any signs of the attack, following claims that its systems had been breached by those behind the hacks.

Corporations and federal agencies continue to be targeted

Cl0p, a ransomware group that has been linked to Russia, has since claimed responsibility for the hack. It has been exploiting a security flaw in MOVEit Transfer, a tool used by businesses to transfer files.

The US Cybersecurity and Infrastructure Security Agency (CISA) said last month that multiple US federal agencies were also being targeted, further confirming that this is a huge cyberattack on global data.

This type of hack on global businesses speaks to wider concerns about increased cyber threats and the warfare on online security systems. 

Another example from 2023 is that approximately 90 organisations disclosed breaches of personal information following a cyber-attack on Capita, a prominent outsourcing group. The incident, much like the MOVEit hack, highlights a critical need for organisations to bolster cybersecurity measures worldwide. 

Ultimately, this type of widespread data breach has far-reaching consequences that impact both the targeted organisation and the individuals whose personal information is exposed.

Share

Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI