Over 2,000 members of staff at Dublin Airport have had personal information stolen by hackers. Airport operator Dublin Airport Authority (DAA) has confirmed data has been stolen after one of its suppliers, Aon, fell victim to the ongoing cyberattack by Russian ransomware gang Cl0p exploiting a vulnerability in the MOVEit Transfer file transfer software.
DAA operates Dublin Airport, which serves over 30 million passengers a year, as well as Cork Airport in the south of Ireland. It is not known if staff at the latter are affected by the attack.
Dublin Airport staff the latest victims of MOVEit Transfer vulnerability hack
Airport staff have seen pay and benefits information stolen in the breach, which occurred when Aon’s systems were accessed by Cl0p. Aon provides personalised total rewards statements to some of its employees, a DAA statement said.
Speaking to the Times, which first reported the story, a DAA spokesperson said: “Data relating to some employees pay and benefits was compromised. The DAA takes the security of sensitive personal information extremely seriously and has notified the data protection commission.” DAA is “offering support, advice and assistance to employees impacted by this cyberattack,” the spokesperson added.
It is not the first time Aon has been hit by a cyberattack. Last year the company reported that its systems had been breached by said that a “limited number of its systems” had been accessed by hackers following a breach. It later transpired that more than 145,000 customers had data stolen in the incident, leaving Aon facing two class action lawsuits.
Tech Monitor has reached out to both companies for comment but have yet to receive a response at the time of writing.
The MOVEit Transfer software supply chain hack
More victims of the MOVEit Transfer vulnerability are being revealed by the day. The attack takes advantage of a previously unknown flaw in the software, which is used by businesses around the world to make secure file transfers.
Though publisher of MOVEit Transfer, Progress Software, released a patch to fix the problem at the end of May, it has come too late for many businesses, which have already seen information stolen by Cl0p.
Last week, energy technology business Siemens Energy admitted to joining the rapidly growing list of victims, while French engineering company Schneider Electric announced that it was exploring its systems for evidence of the attack after Cl0p claimed to have breached its systems.
Early victims included the BBC and British Airways, and since then other companies such as Shell Oil, University of California, Los Angeles and the pharmaceutical business AbbVie have also been breached.
Many devices used by US government agencies are also exposed to the vulnerability, research found last week.