Security News > 2023 > March > Procter & Gamble confirms data theft via GoAnywhere zero-day
Consumer goods giant Procter & Gamble has confirmed a data breach affecting an undisclosed number of employees after its GoAnywhere MFT secure file-sharing platform was compromised in early February.
"P&G can confirm that it was one of the many companies affected by Fortra's GoAnywhere incident. As part of this incident, an unauthorized third party obtained some information about P&G employees," Procter & Gamble told BleepingComputer.
P&G says it has no evidence that this data breach impacted customer data and that it stopped using Fortra's GoAnywhere secure file-sharing services after discovering the incident.
The Clop ransomware gang previously told Bleeping Computer that it exploited the CVE-2023-0669 GoAnywhere vulnerability as a zero-day to breach and steal data from the secure storage servers of more than 130 organizations.
Clop began publicly extorting the GoAnywhere attacks' victims on March 10 when it added seven companies to its data leak site.
The ransomware gang's alleged use of a GoAnywhere MFT zero-day to steal sensitive files from victims' secure sharing servers is very similar to using an Accellion FTA zero-day vulnerability to steal the data of roughly 100 companies in December 2020.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-06 | CVE-2023-0669 | Deserialization of Untrusted Data vulnerability in Fortra Goanywhere Managed File Transfer Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. | 7.2 |