We can now add Hitachi Energy to the increasingly growing list of organizations compromised through the GoAnywhere MFT zero-day vulnerability.
The company has published a press release in which it explained the details of the breach:
“We recently learned that a third-party software provider called FORTRA GoAnywhere MFT (Managed File Transfer) was the victim of an attack by the CLOP ransomware (opens in new tab) group that could have resulted in an unauthorized access to employee data in some countries,” the company said.
The Clop effect
The company said it acted straight away after detection, unplugging the GoAnywhere program from its wider network and kicking off an investigation to assess the impact of the incident. After that, it notified all affected parties, reached out to data protection authorities, as well as the police. The firm remains operational, the press release adds.
“To date, we have no information that neither our network operations nor the security or reliability of customer data have been compromised.”
In early February 2023, a ransomware threat actor Clop took responsibility for a data theft attack against Community Health Systems (CHS), saying it abused a zero-day in GoAnywhere MFT, a popular file-sharing service developed by Fortra and used by large businesses to share sensitive files, securely.
At the time, it claimed to have breached 130 organizations using the same method, but did not provide any proof for its claims. Since then, it started populating the list of affected companies, with Hatch Bank also being among those hit.
Hitachi Energy is a department of Japanese engineering and technology powerhouse, Hitachi. This department specializes in power systems and energy solutions and, according to BleepingComputer, has an annual revenue of $10 billion. We don’t know what type of data Clop operators took with them.
We do know that at least two dozen firms have already had their sensitive data posted on the Clop ransomware leak site.
Via: BleepingComputer (opens in new tab)