Ofcom victim of ransomware attack through MOVEit vulnerability

Ofcom, the UK telecoms regulator, has confirmed that was a victim to a cyberattack carried out by the cybercriminal organization Cl0p.

This attack comes in the wake of several other companies, including the BBC, British Airways, and Boots, announcing that they have also suffered from data breaches by the same ransomware group, affecting a total of over 100,000 employees. Ofcom reports that the personal information of 412 of its employees and confidential data from companies regulated by Ofcom were accessed in the attack. However, payroll data was not compromised in this instance.

The breach was facilitated by vulnerabilities in MOVEit.

Ofcom took immediate action to minimize the impact of the attack and promptly notified privacy regulators. Ofcom stated that a limited amount of information about certain regulated companies, some of which was confidential, along with personal data of its employees, was downloaded during the attack.

The regulator also informed all affected companies and offered support and assistance to those involved.