Serco disclose data breach as part of the MOVEit data breach

Share
Serco is currently collaborating with CBIZ to investigate the breach and assess the full extent of the incident
Outsourcing company, Serco, has revealed that it was embroiled in the MOVEit hack that impacted many businesses earlier in 2023 and is now investigating

The US division of multinational outsourcing company Serco Group, Serco, recently confirmed that it was wrapped up in the huge MOVEit cyber hack.

The attack took place earlier in 2023 and used a zero-day vulnerability that allowed cyber hackers to inject commands and access the databases of MOVEit customers. As a result, numerous companies like Aon, British Airways and Siemens Energy saw their data being breached.

Serco became aware of its own breach at the end of June 2023 and found that the attackers stole the personal information of more than 10,000 individuals from a third-party vendor’s MOVEit server.

Increased cyber attack sophistication: The importance of safe data

Serco is currently collaborating with CBIZ to investigate the breach and assess the full extent of the incident. They are focusing on ensuring that the third-party vendor has now implemented the appropriate security measures to prevent future cyber incidents.

According to CBIZ, a cybersecurity firm is also conducting its own investigation.

Some of Serco’s clients include US federal agencies, including the Departments of Homeland Security, Justice and State, as well as US Intelligence Agencies and multiple US Armed Forces branches.

The company employs over 50,000 people across 35 countries and anticipated a revenue of £2.5bn (US$3.18bn) during the first half of 2023.

Cl0p, a ransomware group that has been linked to Russia, claimed responsibility for the MOVEit  hack once it was first publicised. It had been working to exploit a security flaw in MOVEit Transfer, a tool used by businesses to transfer files.

The US Cybersecurity and Infrastructure Security Agency (CISA) said last month that multiple US federal agencies were also being targeted, further confirming that this is a huge cyberattack on global data.

There have been plenty of large-scale cyber attacks that have targeted big companies that work with government agencies. Microsoft released information earlier in 2023 to suggest that a group of hackers gained access to email accounts affecting approximately 25 organisations, including government agencies.

It speaks to the huge importance of organisations ensuring safe and secure cybersecurity measures moving forward, as well as ensuring that its workforce are adequately trained to handle such an attack. Otherwise, business operations could be irreversibly impacted.

 

******

For more insights into the world of Technology - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - AI Magazine | Technology Magazine.

Please also check out our upcoming event - Sustainability LIVE in London on September 6-7 2023.

******

BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability Leaders, Procurement & Supply Chain Leaders, Technology & AI Leaders, Cyber Leaders, FinTech & InsurTech Leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare + Food & Drink.

BizClik – based in London, Dubai, and New York – offers services such as Content Creation, Advertising & Sponsorship Solutions, Webinars & Events.

Share

Featured Articles

VCARB & Dynatrace Accelerate AI For F1 Racing Performance

As real-time monitoring becomes crucial in motorsport, F1 team VCARB partners with Dynatrace to implement AI analytics and security systems

Apple's Siri: How The Most Private AI Assistant Works

After a lawsuit, Apple is eager to prioritise privacy in Siri through its on-device processing, minimal data collection and advanced security protection

How The UK’s AI Plan Will Impact The Cybersecurity Sector

The UK’s £14bn AI investment requires enhanced cybersecurity measures as Kyndryl and Vantage Data Centres prepare for infrastructure expansion

Darktrace to Acquire Cado Security in Cloud Defence Push

Cloud Security

Sophos MDR Reports 37% Customer Growth in Cybersecurity Push

Cyber Security

Netskope Data Shows Phishing Success Rate Tripled in 2024

Cyber Security