Security News > 2023 > March > Hitachi Energy confirms data breach after Clop GoAnywhere attacks
Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a zero-day GoAnyway zero-day vulnerability.
Hitachi Energy is a department of Japanese engineering and technology giant Hitachi focused on energy solutions and power systems.
"We recently learned that a third-party software provider called FORTRA GoAnywhere MFT was the victim of an attack by the CLOP ransomware group that could have resulted in an unauthorized access to employee data in some countries," Hitachi said in a press statement.
On February 6, 2023, an exploit for CVE-2023-0669 was publicly released, and on February 10, 2023, Clop declared that it had already breached 130 organizations leveraging the vulnerability in GoAnywhere MFT. The first victim to confirm a breach from these attacks was healthcare giant Community Health Systems on February 14, 2023, while fintech platform Hatch Bank followed with a similar statement on March 2, 2023.
Clop began actively extorting Fortra's customers a few days later, adding many victims to its extortion portal and demanding ransom payments to not publicly release stolen data.
On March 14, 2023, after being added to the data leak site, cybersecurity firm Rubrik admitted they were impacted by CVE-2023-0669 exploitation but clarified that the breach only affected a non-production IT testing environment, not any customer data.
News URL
Related news
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Romanian energy supplier Electrica hit by ransomware attack (source)
- Clop ransomware claims responsibility for Cleo data theft attacks (source)
- Texas Tech University System data breach impacts 1.4 million patients (source)
- Ireland fines Meta $264 million over 2018 Facebook data breach (source)
- New fake Ledger data breach emails try to steal crypto wallets (source)
- Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts (source)
- 46% of financial institutions had a data breach in the past 24 months (source)
- Clop ransomware threatens 66 Cleo attack victims with data leak (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-06 | CVE-2023-0669 | Deserialization of Untrusted Data vulnerability in Fortra Goanywhere Managed File Transfer Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. | 7.2 |