3rd Party Risk Management , Breach Notification , Cybercrime
Attackers Exploit Zero-Day Vulnerability in Fortra’s Managed File Transfer Software Prajeet Nair (@prajeetspeaks) • March 18, 2023
Hitachi Energy joined the ranks of victims hit by the Clop ransomware group, which has exploited a zero-day vulnerability in Fortra’s widely used managed file transfer software, GoAnywhere MFT. Clop claimed responsibility for the hack, which compromised networks used by 130 different organizations.
See Also: OnDemand Webinar | Third-Party Risk, ChatGPT & Deepfakes: Defending Against Today’s Threats
Hitachi Energy, subsidiary of the Japanese tech giant, confirmed Friday that the Clop ransomware group exploited the flaw in Fortra’s GoAnywhere file transfer software that could have resulted in unauthorized access to employee data in some countries.
“Upon learning of this event, we took immediate action and initiated our own investigation, disconnected the third-party system and engaged forensic IT experts to help us analyze the nature and scope of the attack,” the company said in a data breach notification letter.
The company says it is informing affected employees and has notified applicable data privacy, security and law enforcement authorities.
“According to our latest information, our network operations or the security of customer data have not been compromised. We will continue to update relevant parties as the investigation progresses,” the statement said.
Cybersecurity analyst and security researcher Dominic Alvieri first reported about the breach at the company. Hitachi Energy owns power grids and wind farms in Italy and Finland, among
Read more