top of page

Cyber Crime Gang Threatens Data Publication: BBC & British Airways Among Victims

Updated: Jan 5

The notorious Clop group, believed to be based in Russia, issues an ultimatum to victims of the MOVEit hack, demanding contact before June 14 or risk data exposure.


A cybercrime gang believed to have originated from Russia, known as the Clop group, has issued a warning on the dark web to victims affected by the widespread MOVEit hack. They have given a deadline of June 14, threatening to publish stolen data if victims fail to email them.

Prominent organisations such as the BBC, British Airways and Boots have notified their employees that payroll data may have been compromised. Employers are being advised not to comply with any ransom demands from the hackers.

Clop has been previously suspected of orchestrating the hack, which was first reported last week. By exploiting the popular business software MOVEit, the criminals gained unauthorised access to the databases of numerous other companies, potentially impacting hundreds of organisations.

Microsoft analysts have now confirmed that Clop is indeed responsible for the hack based on the techniques employed. This confirmation was made in a lengthy blog post obtained by the BBC.

The blog post emphasises that companies using Progress MOVEit should be aware that their data may have been acquired through an exceptional exploit. It urges affected organisations to initiate negotiations with the hackers by sending an email to their darknet portal. The demand for victims to reach out directly to the hackers is an unconventional tactic, as ransom demands are typically sent via email. This approach may be due to the scale of the ongoing hack, which Clop is struggling to manage.

MOVEit, a file transfer software provided by Progress Software in the US, is widely used by businesses for secure internal file transfers. Zellis, a UK-based payroll services provider, was one of the affected users. Zellis confirms that data from eight organisations, including home addresses, national insurance numbers and bank details, has been stolen.

Several organisations, including the BBC, British Airways, Aer Lingus, Boots, Nova Scotia Government and The University of Rochester, have acknowledged the possibility of data theft. Experts advise individuals not to panic and urge organisations to conduct security checks recommended by authorities such as the US Cyber Security and Infrastructure Authority.

Clop claims to have deleted data from government, city and police services on their leak site, stating that they have no intention of exposing such information. However, experts remain sceptical and warn against trusting the criminals' claims. Clop has been closely monitored by cybersecurity experts and is predominantly active in Russian-speaking forums. While Russia denies providing a safe haven to ransomware gangs, Clop operates as a "ransomware as a service" group, allowing hackers to rent their tools for attacks from anywhere.

In 2021, alleged members of the Clop group were apprehended in Ukraine through a joint operation involving Ukraine, the US, and South Korea. Authorities believed they had dismantled the group responsible for extorting $500 million globally. However, Clop has proven to be an enduring and persistent threat.

  • The Clop cybercrime gang believed to be based in Russia, has issued an ultimatum to victims of the MOVEit hack, demanding contact before June 14 or face data publication.

  • Major organizations, including the BBC, British Airways and Boots, have warned their staff about potential payroll data theft.

  • Employers are advised not to comply with any ransom demands.

  • Clop exploited the MOVEit software to gain access.

As technology advances and has a greater impact on our lives than ever before, being informed is the only way to keep up.  Through our product reviews and news articles, we want to be able to aid our readers in doing so. All of our reviews are carefully written, offer unique insights and critiques, and provide trustworthy recommendations. Our news stories are sourced from trustworthy sources, fact-checked by our team, and presented with the help of AI to make them easier to comprehend for our readers. If you notice any errors in our product reviews or news stories, please email us at  Your input will be important in ensuring that our articles are accurate for all of our readers.

bottom of page