Serco disclose data breach as part of the MOVEit data breach

Serco is currently collaborating with CBIZ to investigate the breach and assess the full extent of the incident
Outsourcing company, Serco, has revealed that it was embroiled in the MOVEit hack that impacted many businesses earlier in 2023 and is now investigating

The US division of multinational outsourcing company Serco Group, Serco, recently confirmed that it was wrapped up in the huge MOVEit cyber hack.

The attack took place earlier in 2023 and used a zero-day vulnerability that allowed cyber hackers to inject commands and access the databases of MOVEit customers. As a result, numerous companies like Aon, British Airways and Siemens Energy saw their data being breached.

Serco became aware of its own breach at the end of June 2023 and found that the attackers stole the personal information of more than 10,000 individuals from a third-party vendor’s MOVEit server.

Increased cyber attack sophistication: The importance of safe data

Serco is currently collaborating with CBIZ to investigate the breach and assess the full extent of the incident. They are focusing on ensuring that the third-party vendor has now implemented the appropriate security measures to prevent future cyber incidents.

According to CBIZ, a cybersecurity firm is also conducting its own investigation.

Some of Serco’s clients include US federal agencies, including the Departments of Homeland Security, Justice and State, as well as US Intelligence Agencies and multiple US Armed Forces branches.

The company employs over 50,000 people across 35 countries and anticipated a revenue of £2.5bn (US$3.18bn) during the first half of 2023.

Cl0p, a ransomware group that has been linked to Russia, claimed responsibility for the MOVEit  hack once it was first publicised. It had been working to exploit a security flaw in MOVEit Transfer, a tool used by businesses to transfer files.

The US Cybersecurity and Infrastructure Security Agency (CISA) said last month that multiple US federal agencies were also being targeted, further confirming that this is a huge cyberattack on global data.

There have been plenty of large-scale cyber attacks that have targeted big companies that work with government agencies. Microsoft released information earlier in 2023 to suggest that a group of hackers gained access to email accounts affecting approximately 25 organisations, including government agencies.

It speaks to the huge importance of organisations ensuring safe and secure cybersecurity measures moving forward, as well as ensuring that its workforce are adequately trained to handle such an attack. Otherwise, business operations could be irreversibly impacted.

 

******

For more insights into the world of Technology - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - AI Magazine | Technology Magazine.

Please also check out our upcoming event - Sustainability LIVE in London on September 6-7 2023.

******

BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability Leaders, Procurement & Supply Chain Leaders, Technology & AI Leaders, Cyber Leaders, FinTech & InsurTech Leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare + Food & Drink.

BizClik – based in London, Dubai, and New York – offers services such as Content Creation, Advertising & Sponsorship Solutions, Webinars & Events.

Share

Featured Articles

Founder Shield MD on Navigating Multi-Cloud Complexities

Founder Shield Managing Director Jonathan Selby talks strategies to navigating the complexities of multi-cloud set ups

Qodea CISO Explains How Cyber Threats Could Outrun Cost

Qodea CISO Business Manager Ed Russell explains how growth in sophistication and volume of attacks means current investment in defences falls short

Nokia and NL-ix Deploy Europe’s Largest IXP-Based Anti-DDoS

This collaboration between Nokia and NL-ix is unprecedented both being Largest IXP-Based Anti-DDoS, but the first anti-DDoS solution deployed by an IXP

Bridging the Gap: Examining the UK-US Data Bridge

Data Breaches

Hiddenlayer CSO Tells Why It Made an AI Security Council

Technology & AI

Cooperation Key Theme at Microsoft Endpoint Security Summit

Cyber Security