Serco disclose data breach as part of the MOVEit data breach

Outsourcing company, Serco, has revealed that it was embroiled in the MOVEit hack that impacted many businesses earlier in 2023 and is now investigating

The US division of multinational outsourcing company Serco Group, Serco, recently confirmed that it was wrapped up in the huge MOVEit cyber hack.

The attack took place earlier in 2023 and used a zero-day vulnerability that allowed cyber hackers to inject commands and access the databases of MOVEit customers. As a result, numerous companies like Aon, British Airways and Siemens Energy saw their data being breached.

Serco became aware of its own breach at the end of June 2023 and found that the attackers stole the personal information of more than 10,000 individuals from a third-party vendor’s MOVEit server.

Increased cyber attack sophistication: The importance of safe data

Serco is currently collaborating with CBIZ to investigate the breach and assess the full extent of the incident. They are focusing on ensuring that the third-party vendor has now implemented the appropriate security measures to prevent future cyber incidents.

According to CBIZ, a cybersecurity firm is also conducting its own investigation.

Some of Serco’s clients include US federal agencies, including the Departments of Homeland Security, Justice and State, as well as US Intelligence Agencies and multiple US Armed Forces branches.

The company employs over 50,000 people across 35 countries and anticipated a revenue of £2.5bn (US$3.18bn) during the first half of 2023.

Cl0p, a ransomware group that has been linked to Russia, claimed responsibility for the MOVEit  hack once it was first publicised. It had been working to exploit a security flaw in MOVEit Transfer, a tool used by businesses to transfer files.

The US Cybersecurity and Infrastructure Security Agency (CISA) said last month that multiple US federal agencies were also being targeted, further confirming that this is a huge cyberattack on global data.

There have been plenty of large-scale cyber attacks that have targeted big companies that work with government agencies. Microsoft released information earlier in 2023 to suggest that a group of hackers gained access to email accounts affecting approximately 25 organisations, including government agencies.

It speaks to the huge importance of organisations ensuring safe and secure cybersecurity measures moving forward, as well as ensuring that its workforce are adequately trained to handle such an attack. Otherwise, business operations could be irreversibly impacted.



For more insights into the world of Technology - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - AI Magazine | Technology Magazine.

Please also check out our upcoming event - Sustainability LIVE in London on September 6-7 2023.


BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability Leaders, Procurement & Supply Chain Leaders, Technology & AI Leaders, Cyber Leaders, FinTech & InsurTech Leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare + Food & Drink.

BizClik – based in London, Dubai, and New York – offers services such as Content Creation, Advertising & Sponsorship Solutions, Webinars & Events.


Featured Articles

UK police cyberattack a reminder of third party risk

Cyber criminals use back-door suppliers cyberattack to spread alarm through Britain's biggest police force

Building Cyber Resilience into ‘OT in Manufacturing’ webinar

Join Acronis' webinar, Building Cyber Resilience into ‘OT in Manufacturing’, 21st September 2023

Trustwave report on hospitality industry security threats

Nearly 31% of hospitality organisations have reported a data breach in their company’s history, according to a Trustwave cybersecurity report

Barracuda Managed XDR uses AI to uncover cyber incidents

Technology & AI

Imperva: 32% of work data breaches could have been avoided

Operational Security

Supply chain cyberattacks seen as catastrophic for business

Cyber Security