Aon data breach: MOVEit data hack exposes major corporations

Whilst Dublin Airport has publicly attributed the cyberattack to Aon, the company itself has not yet issued a public statement
With the MOVEit hack happening in June 2023, more companies continue to confirm that their data has been left compromised as a result of leaks

In the wake of Aon being embroiled in the MOVEit data hack, masses of data from notable organisations has been compromised.

Aon has been a victim of a third-party data breach through the file-transfer platform MOVEit with information from around 100 of its clients being published online. Clients affected include Dublin Airport, British Airways and Siemens Energy, to name a few.

This information comes in the wake of IT Governance confirming in May 2023 that more than 98 million records were compromised by cyber attacks worldwide - a 97% increase against May 2022 and a 2,156% increase from April 2023.

Compromised data as a result of global hacks

Dublin Airport confirmed that it was impacted by the breach, with a spokesperson telling The Times: “DAA can confirm that as a result of a recent cyber-attack on Aon, a third-party professional service provider, data relating to some employees' pay and benefits was compromised.”

Some financial information linked to Dublin Airport staff has been compromised by the cyberattack on provider company Aon. Whilst the airport has publicly attributed the cyberattack to Aon, the company itself has not issued a public statement at the time that this article is published.

The MOVEit hack has targeted a wide range of entities, including US government agencies, the UKs telecom regulator Ofcom, Shell Oil, and the University of California, Los Angeles, all of which have publicly confirmed data breaches.

Even energy technology company Siemens Energy acknowledged it had fallen victim to the vulnerability. In addition, French engineering company Schneider Electric has said that it was investigating its systems for any signs of the attack, following claims that its systems had been breached by those behind the hacks.

Corporations and federal agencies continue to be targeted

Cl0p, a ransomware group that has been linked to Russia, has since claimed responsibility for the hack. It has been exploiting a security flaw in MOVEit Transfer, a tool used by businesses to transfer files.

The US Cybersecurity and Infrastructure Security Agency (CISA) said last month that multiple US federal agencies were also being targeted, further confirming that this is a huge cyberattack on global data.

This type of hack on global businesses speaks to wider concerns about increased cyber threats and the warfare on online security systems. 

Another example from 2023 is that approximately 90 organisations disclosed breaches of personal information following a cyber-attack on Capita, a prominent outsourcing group. The incident, much like the MOVEit hack, highlights a critical need for organisations to bolster cybersecurity measures worldwide. 

Ultimately, this type of widespread data breach has far-reaching consequences that impact both the targeted organisation and the individuals whose personal information is exposed.

Share

Featured Articles

Gary Merrill: Who Is Commvault’s First-Ever CCO?

Experiencing a period of rapid growth, Commvault have created the new position of CCO and given it to company veteran and former CFO Gary Merrill to lead

Xalient's Stephen Amstutz on Need for Cyber Staff Wellness

Stephen Amstutz, Director of Innovation at Xalient explains why cyber staff are getting stressed and what can be done to help

Worldwide IT Outage Not Cyber Attack - But Software Update

The global IT outage that is being described as one of the biggest ever is thankfully not being attributed to a cyber attack, but rather a software update

Companies Across Cyber Sphere Warn of Surge in DDoS attacks

Cyber Security

UK Takes Steps to Strengthen Country's Cyber Security

Cyber Security

BlueVoyant Launch Platform to Tackle Supplier Attack Surface

Operational Security