We can now add Hitachi Energy to the growing list of organizations compromised through GoAnywhere’s MFT zero-day vulnerability.
The company published a press release which detailed the breach:
“We recently learned that a third-party software vendor called FORTRA GoAnywhere MFT (Managed File Transfer) was the victim of an attack by CLOP. Ransomware (opens in a new tab) group may lead to unauthorized access to employee data in some countries,” the company said.
The Clop effect
The company said it took action immediately upon discovery, pulling the GoAnywhere program from the broader network and launching an investigation to assess the impact of the incident. It then notified all affected parties, contacting data protection authorities as well as the police. The company remains in operation, the press release added.
“To date, we have no information that shows that our network activity or the security or reliability of customer data has been compromised.”
In early February 2023, a Clop ransomware threat claimed responsibility for a data-stealing attack against the Public Health System (CHS), saying it abused zero-days in the GoAnywhere MFT , a popular file sharing service developed by Fortra and used by large enterprises. to share sensitive files, securely.
At the time, it claimed to have breached 130 organizations using the same method, but did not provide any evidence for its claims. Since then, it has started to list affected companies, with Hatch Bank also among them.
Hitachi Energy is a division of Japan’s engineering and technology powerhouse, Hitachi. The division specializes in energy systems and energy solutions, which, according to BleepingComputer, has annual sales of $10 billion. We don’t know what kind of data the Clop operators took with them.
We know that at least two dozen companies have posted their sensitive data on the Clop ransomware leak site.
Through: BleepingComputer (opens in a new tab)
