Close this search box.

Are you involved in the biggest data hack of 2023?

In May 2023, Russian ransomware gang C10p (otherwise known as Clop) began abusing a vulnerability in the MOVEit file transfer platform owned by Progress Software. The widespread attack saw data stolen from governments, financial institutions, and other public and private organisations across the world. The breach is thought to be the biggest hack of 2023.  

According to one source, 2,770 organisations have reported being attacked, with data thefts affecting more than 94 million people (as of 29 April 2024).  

In the UK, thousands of people are now at risk because of the MOVEit breach. Because it used MOVEit, UK payroll company Zellis was one of those impacted by the security violation. Zellis provides services to hundreds of companies in the UK. Many of its clients are caught up in the breach.  

Affected Zellis clients include (but are not limited to) BA, BBC, Boots and DHL. The personal data of current and former employees of these companies could be at risk because of the MOVEit cyber-attack.  

Several other UK-based organisations have confirmed their involvement in the breach, or had their involvement confirmed by hackers. These companies include Transport for London, Ofcom, Shell, Ernst & Young, AON, PwC, MS Amlin, Digital Insight Technologies Ltd, De La Rue and Level 8 Solutions. As some of these organisations held personal data provided by other companies, the domino effect of the MOVEit data breach keeps going.

Are you affected by the MOVEit data breach?

Affected companies should be in touch to notify employees and customers if they are involved in this breach. If you do not receive this notification, it is unlikely that you are affected. If you have received notification of your involvement, you should take steps to protect yourself.  

Consumer credit reporting company Experian has provided some advice to help people involved in the MOVEit data breach boost their defences. This advice includes:  

  • Freezing your credit limit to stop identity thieves from opening accounts in your name 
  • Changing important passwords and login information  
  • Using a free password manager to help you create authentic passwords that are hard to crack 
  • Implementing multifactor authentication 
  • Requesting a fraud alert with the national credit bureaus (Experian, TransUnion and Equifax) to make it difficult for fraudsters to open a credit account in your name. You only need to initiate one alert for it to be placed on all three credit reports 
  • Keeping an eye on your bank accounts and credit cards for any activity you don’t recognise  
  • Contacting financial institutions immediately if you spot any activity you do not recognise 
  • Protecting your identity with a robust identity theft monitoring and dark web surveillance plan. 

What to do now

If you are affected by the MOVEit data breach you could have a no-win, no-fee data breach compensation claim. Our simple eligibility checker provides instant clarity. Answer a few straightforward questions, and you’ll know if you could qualify to join a group action claim. 

If you do have a claim, register your interest and we’ll keep you updated with developments in this case. 

Stay informed about compensation
YOU could be entitled to!

Subscribe to our newsletter and get breaking news on the latest consumer injustices and group claims.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may also like:

In January 2024, the High Court ruled that drivers could sue BMW for fitting some diesel vehicles with devices that tricked emissions tests. The illegal devices made it seem like BMW’s diesel cars were less-polluting than they actually were.
The Equal Pay Act protects employees from unfair discrimination in the workplace. The law states that both men and women should be paid equally where they are doing the same job (or one of equal value). This means companies can't treat you differently based on your gender when it comes to pay.
After a cyberattack in March 2023, pension holders across the UK had their data stolen. In the wake of this breach, law firms are rallying to help those affected. Their mission: to pursue justice and secure compensation for victims of the Capita data breach.