Security News > 2023 > March > Hitachi Energy confirms data breach after Clop GoAnywhere attacks

Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a zero-day GoAnyway zero-day vulnerability.
Hitachi Energy is a department of Japanese engineering and technology giant Hitachi focused on energy solutions and power systems.
"We recently learned that a third-party software provider called FORTRA GoAnywhere MFT was the victim of an attack by the CLOP ransomware group that could have resulted in an unauthorized access to employee data in some countries," Hitachi said in a press statement.
On February 6, 2023, an exploit for CVE-2023-0669 was publicly released, and on February 10, 2023, Clop declared that it had already breached 130 organizations leveraging the vulnerability in GoAnywhere MFT. The first victim to confirm a breach from these attacks was healthcare giant Community Health Systems on February 14, 2023, while fintech platform Hatch Bank followed with a similar statement on March 2, 2023.
Clop began actively extorting Fortra's customers a few days later, adding many victims to its extortion portal and demanding ransom payments to not publicly release stolen data.
On March 14, 2023, after being added to the data leak site, cybersecurity firm Rubrik admitted they were impacted by CVE-2023-0669 exploitation but clarified that the breach only affected a non-production IT testing environment, not any customer data.
News URL
Related news
- HPE notifies employees of data breach after Russian Office 365 hack (source)
- Fintech giant Finastra notifies victims of October data breach (source)
- US drug testing firm says data breach impacted 3.3 million people (source)
- US drug testing firm DISA says data breach impacts 3.3 million people (source)
- Background check, drug testing provider DISA suffers data breach (source)
- Data breach at Japanese telecom giant NTT hits 18,000 companies (source)
- PowerSchool previously hacked in August, months before data breach (source)
- Western Alliance Bank notifies 21,899 customers of data breach (source)
- Sperm donation giant California Cryobank warns of a data breach (source)
- Pennsylvania education union data breach hit 500,000 people (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-06 | CVE-2023-0669 | Deserialization of Untrusted Data vulnerability in Fortra Goanywhere Managed File Transfer Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. | 7.2 |