Aon data breach: MOVEit data hack exposes major corporations

Share
Whilst Dublin Airport has publicly attributed the cyberattack to Aon, the company itself has not yet issued a public statement
With the MOVEit hack happening in June 2023, more companies continue to confirm that their data has been left compromised as a result of leaks

In the wake of Aon being embroiled in the MOVEit data hack, masses of data from notable organisations has been compromised.

Aon has been a victim of a third-party data breach through the file-transfer platform MOVEit with information from around 100 of its clients being published online. Clients affected include Dublin Airport, British Airways and Siemens Energy, to name a few.

This information comes in the wake of IT Governance confirming in May 2023 that more than 98 million records were compromised by cyber attacks worldwide - a 97% increase against May 2022 and a 2,156% increase from April 2023.

Compromised data as a result of global hacks

Dublin Airport confirmed that it was impacted by the breach, with a spokesperson telling The Times: “DAA can confirm that as a result of a recent cyber-attack on Aon, a third-party professional service provider, data relating to some employees' pay and benefits was compromised.”

Some financial information linked to Dublin Airport staff has been compromised by the cyberattack on provider company Aon. Whilst the airport has publicly attributed the cyberattack to Aon, the company itself has not issued a public statement at the time that this article is published.

The MOVEit hack has targeted a wide range of entities, including US government agencies, the UKs telecom regulator Ofcom, Shell Oil, and the University of California, Los Angeles, all of which have publicly confirmed data breaches.

Even energy technology company Siemens Energy acknowledged it had fallen victim to the vulnerability. In addition, French engineering company Schneider Electric has said that it was investigating its systems for any signs of the attack, following claims that its systems had been breached by those behind the hacks.

Corporations and federal agencies continue to be targeted

Cl0p, a ransomware group that has been linked to Russia, has since claimed responsibility for the hack. It has been exploiting a security flaw in MOVEit Transfer, a tool used by businesses to transfer files.

The US Cybersecurity and Infrastructure Security Agency (CISA) said last month that multiple US federal agencies were also being targeted, further confirming that this is a huge cyberattack on global data.

This type of hack on global businesses speaks to wider concerns about increased cyber threats and the warfare on online security systems. 

Another example from 2023 is that approximately 90 organisations disclosed breaches of personal information following a cyber-attack on Capita, a prominent outsourcing group. The incident, much like the MOVEit hack, highlights a critical need for organisations to bolster cybersecurity measures worldwide. 

Ultimately, this type of widespread data breach has far-reaching consequences that impact both the targeted organisation and the individuals whose personal information is exposed.

Share

Featured Articles

Why Dow Jones Has Increased Its Investment in Ripjar

Dow Jones has increased its investment with Ripjar for the companies ability to strengthen its analytics and compliance services

Who Stands to Fill Top Cyber Posts in Trump Administration?

Although eyes will be on the big roles like Chief of Staff, many new positions for key cyber roles will be opening up for the incoming administration

DARPA, BBN Technologies and the Cyber Imperative for CPM

US Defense Advanced Research Projects Agency (DARPA) is tapping BBN Technologies to usher in its Compartmentalization and Privilege Management programme

Mimecast Updates Bring AI to BEC Battleground

Technology & AI

Dazz: The Firm that Has Wiz Eyeing an Acquisition

Cyber Security

Google's Big Sleep: From Concept to Vulnerability Discovery

Technology & AI