Security News > 2023 > March > Hitachi Energy confirms data breach after Clop GoAnywhere attacks
Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a zero-day GoAnyway zero-day vulnerability.
Hitachi Energy is a department of Japanese engineering and technology giant Hitachi focused on energy solutions and power systems.
"We recently learned that a third-party software provider called FORTRA GoAnywhere MFT was the victim of an attack by the CLOP ransomware group that could have resulted in an unauthorized access to employee data in some countries," Hitachi said in a press statement.
On February 6, 2023, an exploit for CVE-2023-0669 was publicly released, and on February 10, 2023, Clop declared that it had already breached 130 organizations leveraging the vulnerability in GoAnywhere MFT. The first victim to confirm a breach from these attacks was healthcare giant Community Health Systems on February 14, 2023, while fintech platform Hatch Bank followed with a similar statement on March 2, 2023.
Clop began actively extorting Fortra's customers a few days later, adding many victims to its extortion portal and demanding ransom payments to not publicly release stolen data.
On March 14, 2023, after being added to the data leak site, cybersecurity firm Rubrik admitted they were impacted by CVE-2023-0669 exploitation but clarified that the breach only affected a non-production IT testing environment, not any customer data.
News URL
Related news
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Henry Schein discloses data breach a year after ransomware attack (source)
- Payment gateway data breach affects 1.7 million credit card owners (source)
- Fortinet confirms data breach after hacker claims to steal 440GB of files (source)
- 23andMe to pay $30 million in genetics data breach settlement (source)
- AT&T pays $13 million FCC settlement over 2023 data breach (source)
- Dell investigates data breach claims after hacker leaks employee info (source)
- Disney ditching Slack after massive July data breach (source)
- A data leak and a data breach (source)
- U.S. govt agency CMS says data breach impacted 3.1 million people (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-06 | CVE-2023-0669 | Deserialization of Untrusted Data vulnerability in Fortra Goanywhere Managed File Transfer Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. | 7.2 |