The media watchdog Ofcom has acknowledged that it was the target of a cyberattack by criminals affiliated with a well-known Russian ransomware group.
The widespread hack downloaded private information from 412 employees as well as confidential information about some companies governed by Ofcom.
The software flaw has impacted a number of businesses, including British Airways, the BBC, and Boots.
Ofcom claimed to have "swiftly" informed every company it controls.
The Information Commissioners Office (ICO), the data and privacy watchdog, has been tasked with investigating the matter, according to the media watchdog.
According to the BBC, no payroll data was impacted.
412 Ofcom employees' personal information was also downloaded during the attack, along with a small amount of confidential information about some of the companies we regulate.
"We implemented the suggested security measures right away in order to stop further use of the MOVEit service. As we continue to support and help our colleagues, we also promptly alerted all impacted Ofcom-regulated businesses. " .
None of its own systems, it claimed, were compromised in the attack.
A "supply-chain attack" was used to commit the hack.
It was initially made public when US company Progress Software claimed that hackers had discovered a way to access its MOVEit Transfer tool.
MOVEit is a widely used piece of software made specifically for securely moving sensitive data. Hackers gained access to a number of businesses by taking advantage of a security flaw in the program.
Affected by third party agreements are some organizations that do not even use MOVEit.
The BBC, for instance, has experienced data breaches involving both present and former employees as a result of Zellis, a company that manages the broadcaster's payroll, using MOVEit and falling foul of it.
It is known that eight businesses, including the airlines British Airways and Aer Lingus as well as the retailer Boots, who used Zellis, are impacted. It's believed that MOVEit is used by dozens of additional UK businesses.
The notorious Clop ransomware group, which is thought to have its base of operations in Russia, is connected to the hackers who carried out the hack.
If businesses do not email them to start the negotiations by Wednesday, they risk publishing information about those businesses.
The group is well-known for following through on threats, and it is likely that organizations will have private data published on the gang's darknet website in the coming weeks, according to BBC cyber correspondent Joe Tidy.
According to him, victims who do not show up on Clop's website may have secretly paid the group a ransom in the hundreds of thousands or even millions of dollars' worth of Bitcoin.
Although it is always advised that victims refrain from paying, doing so encourages the growth of this criminal enterprise and does not provide a guarantee that the hackers won't use the information for additional attacks.
