Security News > 2023 > March > Crown Resorts confirms ransom demand after GoAnywhere breach

Crown Resorts confirms ransom demand after GoAnywhere breach
2023-03-28 16:26

Crown Resorts, Australia's largest gambling and entertainment company, has confirmed that it suffered a data breach after its GoAnywhere secure file-sharing server was breached using a zero-day vulnerability.

This data breach was conducted by the Clop ransomware gang, which has shifted over the past year from encrypting files to performing data extortion attacks.

In February, the threat actors claimed to have stolen data from 130 organizations over ten days utilizing a GoAnywhere zero-day vulnerability.

While Crown Resorts confirmed that it is being extorted by Clop, who claims to have stolen data from its networks, it says there is no evidence of the data breach impacting customers.

Clop is still extorting the victims by threatening to release the data it stole from their networks but has not yet leaked anything on its data leak site.

The vendor of GoAnywhere software, Fortra, is already facing the prospect of a class action lawsuit in the United States, accused of failing to implement adequate cybersecurity measures to protect the private data stored in its network.


News URL

https://www.bleepingcomputer.com/news/security/crown-resorts-confirms-ransom-demand-after-goanywhere-breach/