The BBC, British Airways, Boots and Aer Lingus are among a growing number of organisations affected by a mass hack.
Staff have been warned personal data including national insurance numbers and in some cases bank details may have been stolen.
The cyber criminals broke into a prominent piece of software to gain access to multiple companies in one go.
There are no reports of ransom demands being sought or money stolen.
In the UK, the payroll services provider Zellis is one of the companies affected and it said data from eight of its client firms had been stolen.
It would not reveal names, but organisations are independently issuing warnings to staff.
In an email to employees, the BBC said data stolen included staff ID numbers, dates of birth, home addresses and national insurance numbers.
Staff at British Airways have been warned that some may have had bank details stolen.
The UK's National Cyber Security Centre said it was monitoring the situation and urged organisations using the compromised software to carry out security updates.
The hack was first disclosed last week when US company Progress Software said hackers had found a way to break into their MOVEit Transfer tool. MOVEit is software designed to move sensitive files securely and is popular around the world with most of its customers in the US.
Progress Software said it alerted its customers as soon as the hack was discovered and quickly released a downloadable security update.
A spokesperson said the firm is working with police to "combat increasingly sophisticated and persistent cybercriminals intent on maliciously exploiting vulnerabilities in widely used software products".
The US Cybersecurity and Infrastructure Security Agency issued a warning on Thursday to firms that use MOVEit, instructing them to download a security patch to stop further breaches.
But security researcher Kevin Beaumont said internet scans revealed thousands of company databases could still be vulnerable as many affected firms are yet to install the fix.
"Early indications are there are a large number of prominent organisations impacted," he said.
Experts said it is likely the cyber criminals will attempt to extort money from organisations rather than individuals.
No ransom demands have been made public yet but it is expected cyber criminals will begin emailing affected organisations to demand payment.
They will likely threaten to publish the stolen data online for other hackers to pick through.
Victim organisations are reminding staff to be vigilant of any suspicious emails that could lead to further cyber attacks.
Although no official attribution has been made, Microsoft said it believed the criminals responsible are linked to the notorious Cl0p ransomware group, thought to be based in Russia.
In a blog post the US tech giant said it was attributing attacks to Lace Tempest, known for ransomware operations and running the Cl0p extortion website where victim data is published. The company said the hackers responsible have used similar techniques in the past to steal data and extort victims.
"This latest round of attacks is another reminder of the importance of supply chain security," said John Shier, from cyber security company Sophos.
"While Cl0p has been linked to this active exploitation it is probable that other threat groups are prepared to use this vulnerability as well," he added.
The National Crime Agency told the BBC that it was aware that a number of UK-based organisations had been "impacted by a cyber incident", as a result of a previously unknown security flaw relating to MOVEit Transfer.
The NCA added it was "working with partners to support those organisations and understand the full impact on the UK".
Latest Stories
-
Center for Learning and Childhood Development Director Dr Kwame Sakyi honoured at Ghana Philanthropy Awards
3 hours -
Asantehene receives 28 looted artefacts
4 hours -
CAF WCL 2024: Ghana’s Thelma Baffour wins title with TP Mazembe
5 hours -
Benjamin Boakye slams politicisation of energy sector issues and ECG’s inefficiencies
5 hours -
Erastus Asare Donkor and Dr Neta Parsram win big at 10th Mining Industry Awards
5 hours -
Government is “suppressing information” about power sector challenges – IES Director
6 hours -
Majority of our debts caused by forex shortfall – ECG Boss
6 hours -
Pan-African Savings and Loans supports Ghana Blind Union with boreholes
7 hours -
Bole-Bamboi MP Yussif Sulemana donates to artisans and Bole SHS
7 hours -
Top up your credit to avoid potential disruption – ECG to Nuri meter customers
7 hours -
Dutch & Co wins 2024 Entrepreneur of the Year Award
7 hours -
We’ll cut down imports and boost consumption of local rice and other products – Mahama
9 hours -
Prof Opoku-Agyemang donates to Tamale orphanage to mark her birthday
10 hours -
Don’t call re-painted old schools brand new infrastructure – Prof Opoku-Agyemang tells gov’t
11 hours -
Sunon Asogli plant will be back on stream in a few weeks – ECG
11 hours