Security News > 2023 > March > Hitachi Energy confirms data breach after Clop GoAnywhere attacks
Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a zero-day GoAnyway zero-day vulnerability.
Hitachi Energy is a department of Japanese engineering and technology giant Hitachi focused on energy solutions and power systems.
"We recently learned that a third-party software provider called FORTRA GoAnywhere MFT was the victim of an attack by the CLOP ransomware group that could have resulted in an unauthorized access to employee data in some countries," Hitachi said in a press statement.
On February 6, 2023, an exploit for CVE-2023-0669 was publicly released, and on February 10, 2023, Clop declared that it had already breached 130 organizations leveraging the vulnerability in GoAnywhere MFT. The first victim to confirm a breach from these attacks was healthcare giant Community Health Systems on February 14, 2023, while fintech platform Hatch Bank followed with a similar statement on March 2, 2023.
Clop began actively extorting Fortra's customers a few days later, adding many victims to its extortion portal and demanding ransom payments to not publicly release stolen data.
On March 14, 2023, after being added to the data leak site, cybersecurity firm Rubrik admitted they were impacted by CVE-2023-0669 exploitation but clarified that the breach only affected a non-production IT testing environment, not any customer data.
News URL
Related news
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Free, France’s second largest ISP, confirms data breach after leak (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- Canadian Suspect Arrested Over Snowflake Customer Breach and Extortion Attacks (source)
- How to Effectively Manage a Data Breach (source)
- Amazon confirms employee data breach after vendor hack (source)
- HIBP notifies 57 million people of Hot Topic data breach (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- US space tech giant Maxar discloses employee data breach (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-06 | CVE-2023-0669 | Deserialization of Untrusted Data vulnerability in Fortra Goanywhere Managed File Transfer Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. | 7.2 |