View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Thousands of Dublin Airport staff fall victim to Cl0p’s MOVEit Transfer vulnerability cyberattack

Airport operator DAA says it will support its team after revealing data could be at risk.

By Claudia Glover

Over 2,000 members of staff at Dublin Airport have had personal information stolen by hackers. Airport operator Dublin Airport Authority (DAA) has confirmed data has been stolen after one of its suppliers, Aon, fell victim to the ongoing cyberattack by Russian ransomware gang Cl0p exploiting a vulnerability in the MOVEit Transfer file transfer software.

Employees at Dublin Airport have had data stolen. (Photo by Peter Krocka/Shutterstock)

DAA operates Dublin Airport, which serves over 30 million passengers a year, as well as Cork Airport in the south of Ireland. It is not known if staff at the latter are affected by the attack.

Dublin Airport staff the latest victims of MOVEit Transfer vulnerability hack

Airport staff have seen pay and benefits information stolen in the breach, which occurred when Aon’s systems were accessed by Cl0p. Aon provides personalised total rewards statements to some of its employees, a DAA statement said.

Speaking to the Times, which first reported the story, a DAA spokesperson said: “Data relating to some employees pay and benefits was compromised. The DAA takes the security of sensitive personal information extremely seriously and has notified the data protection commission.” DAA is “offering support, advice and assistance to employees impacted by this cyberattack,” the spokesperson added.

It is not the first time Aon has been hit by a cyberattack. Last year the company reported that its systems had been breached by said that a “limited number of its systems” had been accessed by hackers following a breach. It later transpired that more than 145,000 customers had data stolen in the incident, leaving Aon facing two class action lawsuits.

Tech Monitor has reached out to both companies for comment but have yet to receive a response at the time of writing.

The MOVEit Transfer software supply chain hack

More victims of the MOVEit Transfer vulnerability are being revealed by the day. The attack takes advantage of a previously unknown flaw in the software, which is used by businesses around the world to make secure file transfers.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Though publisher of MOVEit Transfer, Progress Software, released a patch to fix the problem at the end of May, it has come too late for many businesses, which have already seen information stolen by Cl0p.

Last week, energy technology business Siemens Energy admitted to joining the rapidly growing list of victims, while French engineering company Schneider Electric announced that it was exploring its systems for evidence of the attack after Cl0p claimed to have breached its systems.

Early victims included the BBC and British Airways, and since then other companies such as Shell Oil, University of California, Los Angeles and the pharmaceutical business AbbVie have also been breached.

Many devices used by US government agencies are also exposed to the vulnerability, research found last week.

Read more: Chipmaker TSMC hit by $70m cyberattack from LockBit ransomware gang

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.