MOVEit/Zellis data breach compensation: How to claim
If you have been affected by the MOVEit/Zellis data breach, our data breach solicitors at Hayes Connor can help. As specialists in the field, we have the expertise and experience required to help you secure the compensation you deserve. To register your interest and become part of our Claimant group, please fill in our simple online enquiry form.
A cyber-attack which targeted the MOVEit file transfer system, used by UK-based payroll provider Zellis, has exposed sensitive information, including bank and contact details, for a large number of employees at various high-profile businesses.
The businesses affected by the MOVEit/Zellis data breach include, among others:
- Baird Group
- British Airways
- CDER Group
- Northamptonshire Childrens Trust
- West Northampton Council
MOVEit, which is produced by Progress Software, was exploited by the Russian group Clop, who have since sent an email to Reuters to claim responsibility.
A ‘zero-day’ vulnerability in the MOVEit system allowed the hackers to access information on a range of global companies. Thousands of firms are thought to be affected by the MOVEit attack.
The UK-based payroll provider Zellis, who use MOVEit as a third-party supplier, has since revealed that several clients were among those affected. While they did not initially name the companies involved in the MOVEit/Zellis data breach, several high-profile firms have released statements of their own to confirm they had been hit by the Zellis payroll breach.
Companies that revealed that they have been affected by the MOVEit/ Zellis data breach several businesses who employs thousounds of people in the UK, including AON, the BBC, Boots, British Airways, Creation Finances, DPD, DHL and JLL.
In an official statement on the Zellis data breach, the payroll provider said: “A large number of companies around the world have been affected by a zero-day vulnerability in Progress Software's MOVEit Transfer product.
Christine Sabino, Legal Director at Hayes Connor, has commented on the Zellis data breach, saying: “The consequences of data breaches and the theft of sensitive information are far-reaching.
“Personal information, even in small fragments like names, dates of birth, or
addresses can lead to identity theft, resulting in financial losses, reputational
damage, and emotional distress for the victims.“In light of this alarming incident, it is crucial for businesses to implement stringent
data security measures and maintain transparency with their customers, partners,
and employees. By doing so, organisations can mitigate risks, safeguard sensitive
data, and demonstrate their commitment to protecting individuals' privacy.”
If your employee data has been exposed as a result of the MOVEit /Zellis data breach, you may be able to make a claim for compensation. This is something the team at Hayes Connor can help you with.
We have a dedicated team of data breach specialists who are ready to support anyone who may have been affected by the Zellis data breach. When instructed, we will be able to step in to provide tailored guidance on whether you will be in a position to make a claim and what the process is likely to involve.
To find out more about how you can make a Zellis data breach compensation claim, please fill in our online enquiry form.
Who was behind the MOVEit/Zellis hack?
Clop, a Russian-based cyber gang have taken responsibility for the Zellis payroll data breach.
Reports from various reputed sources, such as Bleeping Computer, have noted that Clop began to list victims on its data leak site in June.
Clop has been in the headlines many times for similar data breach incidents in the past. It is believed that the group have been responsible for successfully attacking at least 230 companies across various industries.
Which companies use MOVEit/Zellis?
MOVEit is a file transfer system which is used by thousands of firms internationally. The US Department of Energy, Shell Company, Chase Bank, and Major League Baseball are al cited as customers of Progress Software who produce MOVEit.
Zellis, the payroll provider are one such company which uses MOVEit. By extension, this means that companies in the UK which use Zellis have been left vulnerable following the attack.
For instance, Arnold Clark, who have been involved in a separate data breach incident, are believed to work with Zellis, though there has been no confirmation on their position.
What companies were affected by MOVEit/Zellis breach?
Hundreds of companies worldwide are said to have been affected by the MOVEit data breach, including those who work with payroll provider Zellis in the UK.
While the list of companies that have been affected by the MOVEit/Zellis data breach in the UK has not been fully established, many have released statements to confirm their involvement, including:
- British Airways
- Creation Finance
What to do if you are concerned about the MOVEit/Zellis data breach
If your data has been exposed as a result of a cyber-attack, you should be informed by your employer that this is the case. However, there have been many previous examples of employers failing to take this step, meaning it is not always a guarantee that you will receive the correct notification.
If you have not been contacted by your employer, and you are concerned that your data may be at risk as a result of the MOVEit/Zellis data breach, it is important that you get in touch with them as soon as possible.
At this stage, you should also be extremely wary of any unexpected communications, particularly if they appear to be from your employer. In some cases, these could be phishing attacks which are designed to extract further personal information from you.
There are a number of ways to reduce the potential risk of cybercriminals using your personal data against you. To learn more about this, read our helpful guide on what to do if your data has been stolen in a data breach.
If your data has been compromised in the MOVEit/Zellis data breach, you may be able to claim compensation. This is where our data breach experts at Hayes Connor will be able to support you.
How Hayes Connor can help you claim compensation for the MOVEit/Zellis data breach
Employers, and any relevant third parties, have a wide range of legal obligations when handling your personal data. This includes taking the correct measures to prevent any cyber-attacks which could lead to your data falling into the wrong hands – as happened in the MOVEit/Zellis data breach.
At Hayes Connor, we have one of the largest teams of data breach experts in the country. Our team have a wealth of combined experience and expertise which we use to support individuals who have been affected by all forms of data breaches.
Our team can work alongside you to establish a clear understanding of your personal circumstances and how the breach may have affected you. This will then give us the information we need to inform you on whether you will be eligible to claim MOVEit/Zellis data breach compensation and how the general claims process will work.
We understand how difficult and distressing it can be to learn that you are the innocent victim of a data breach. As such, we will take the time to provide close personal support during this time, making the process as clear and straightforward as possible at the same time.
You can find out more about our expertise and how we handle data breach claims here.
To start a claim for MOVEit/Zellis data breach compensation, you can use our online claim form.
To speak to a member of our team about making a MOVEit/Zellis data breach claim, please do not hesitate to give us a call on 0330 041 5131.