MOVEit vulnerability

We are aware of a vulnerability to the file transfer application MOVEit that has been impacting organisations and exposing personal data.

The National Cyber Security Centre (NCSC) is working with affected businesses to understand and respond to this incident.

We encourage all firms to:

Check if they or any companies in their supply chain have used MOVEit and to understand the extent of any impact.
Review the Indicators of Compromise (IOCs) and follow the risk remediation advice and patches. These can be found on the Progress website.

Any operational impacts due to this issue should be escalated via normal supervisory reporting processes. You are required to report incidents to the FCA.

For organisations directly affected, Progress (the Vendor of the MOVEit software) has issued advice on mitigating this vulnerability. See the NCSC website for regular updates on this incident.

Contact us

What we do

How we regulate

How we operate

Who we are

Join us

Firms overview

Regulated firms

Tasks for firms

Primary markets

Markets policy

Regulated markets

Market abuse

Short selling

Transaction reporting

Our Consumer section

Your rights

Complaints

Scams

Report a firm

Sign up to receive daily alerts on the warnings we issue

Media centre

Was this page helpful?