Security News > 2023 > March > Hitachi Energy confirms data breach after Clop GoAnywhere attacks

Hitachi Energy confirms data breach after Clop GoAnywhere attacks
2023-03-17 16:20

Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a zero-day GoAnyway zero-day vulnerability.

Hitachi Energy is a department of Japanese engineering and technology giant Hitachi focused on energy solutions and power systems.

"We recently learned that a third-party software provider called FORTRA GoAnywhere MFT was the victim of an attack by the CLOP ransomware group that could have resulted in an unauthorized access to employee data in some countries," Hitachi said in a press statement.

On February 6, 2023, an exploit for CVE-2023-0669 was publicly released, and on February 10, 2023, Clop declared that it had already breached 130 organizations leveraging the vulnerability in GoAnywhere MFT. The first victim to confirm a breach from these attacks was healthcare giant Community Health Systems on February 14, 2023, while fintech platform Hatch Bank followed with a similar statement on March 2, 2023.

Clop began actively extorting Fortra's customers a few days later, adding many victims to its extortion portal and demanding ransom payments to not publicly release stolen data.

On March 14, 2023, after being added to the data leak site, cybersecurity firm Rubrik admitted they were impacted by CVE-2023-0669 exploitation but clarified that the breach only affected a non-production IT testing environment, not any customer data.


News URL

https://www.bleepingcomputer.com/news/security/hitachi-energy-confirms-data-breach-after-clop-goanywhere-attacks/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-02-06 CVE-2023-0669 Deserialization of Untrusted Data vulnerability in Fortra Goanywhere Managed File Transfer
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object.
network
low complexity
fortra CWE-502
7.2

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Hitachi 232 8 108 55 16 187