Shell says Australian unit BG Group hit by MOVEit cybersecurity breach
15 September, 2023, 8:03 pm
(Reuters) -Shell Plc said on Friday that it has identified a cybersecurity incident involving some employees who worked with the company’s unit BG Group in Australia before the merger, becoming the latest victim of the MOVEit hack.
A number of businesses globally have lately been affected by a cybersecurity breach on the software tool MOVEit that is typically used to transfer large amounts of often sensitive data including pension information and social security numbers.
Shell said it has identified some personal information related to the affected individuals that was accessed without any authorization and has made attempts to notify them of the breach.
“The data is from 2013 and although it is historic and some of it may be out of date, there is a risk to impacted individuals of identity theft and being targeted by phishing campaigns,” Shell said in a statement.
Shell did not immediately respond to a Reuters request for comment to clarify the exact number of individuals impacted in the cybersecurity incident.
The development is the latest among a string of rising security breaches seen in corporate Australia since late last year, which led the government to reform its cybersecurity rules and even set up an agency to oversee government investment in the field.
Hebe Chen, an analyst with IG Markets, told Reuters that the incident highlights one of the weakest spots in Australia’s corporate ecosystem once again.
“Not only does it expose the fragile protection measures that were in place, but it also raises questions about the effectiveness of the Australian government’s national cybersecurity strategy,” Chen added.
The company completed its $70 billion takeover of BG Group Plc in 2016, bringing into its portfolio multiple oil and gas projects across countries like Brazil and Australia.