British Airways and Boots on Monday confirmed they had been affected by a “cyber security incident” affecting their payroll provider, which is also likely to have hit scores of British companies including some of the country’s best-known names.
The airline said the incident at Zellis, its payroll provider, was the result of a “new and previously unknown vulnerability” in a file transfer tool developed by a company called MOVEit.
The effect on the companies was first reported by the Daily Telegraph, which said the BBC, the national broadcaster, were also affected.
Boots said: “Our provider assured us that immediate steps were taken to disable the server, and as a priority we have made our team members aware.”
Zellis did not immediately reply to a request to comment on the reports.
