Fortra released security fixes for GoAnywhere five days later on February 7.īy then, the hackers had already stolen reams of data from numerous victims. It isn’t clear if Fortra, which has not publicly commented on the incident, knows yet which customers are affected. When reached by email prior to publication, Fortra spokespeople Mike Devine and Rachel Woodford would not comment or provide answers to any of our questions, including whether Fortra’s in-house GoAnywhere systems hosting customers’ data were also hit by the mass-hack.ĭetails only came to light on February 2 after independent security reporter Brian Krebs first reported details of the bug, which Fortra had hidden behind a login screen on its website. Since the attack in late January or early February - the exact date is not known - Clop has disclosed less than half of the 130 organizations it claimed to have compromised via GoAnywhere, a system that can be hosted in the cloud or on an organization’s network that allows companies to securely transfer huge sets of data and other large files. However, while the number of victims of the mass-hack is widening, the known impact is murky at best. Hitachi Energy also confirmed this week that some of its employee data had been stolen in a similar incident involving its GoAnywhere system, but saying the incident happened at Fortra. Spokesperson Isabelle Fontaine said the incident occurred at Fortra, previously known as HelpSystems, which develops the vulnerable GoAnywhere file transfer tool. Over the past few days, the Russia-linked Clop gang has added dozens of other organizations to its dark web leak site, which it uses to extort companies further by threatening to publish the stolen files unless a financial ransom demand is paid.Ĭanadian financing giant Investissement Québec confirmed to TechCrunch that “some employee personal information” was recently stolen by a ransomware group that claimed to have breached dozens of other companies. TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the breach, suggesting more victims are likely to come forward. The city said its review found “no exfiltration of internal data, nor residents’ data.” TechCrunch initially contacted the city on March 20 for comment after identifying it as an organization that used the GoAnywhere file transfer software at the time of the ransomware attack. “The City is actively investigating the details of the identified files,” said city spokesperson Alex Burke. The access is limited to files that were unable to be processed through the third party secure file transfer system.” The City of Toronto told TechCrunch in a revised statement on March 23: “Today, the City of Toronto has confirmed that unauthorized access to City data did occur through a third party vendor. The number of victims affected by a mass-ransomware attack, caused by a bug in a popular data transfer tool used by businesses around the world, continues to grow as another organization tells TechCrunch that it was also hacked.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |