Friday 17th February 2023

CTI Weekly: US hospital chain first to disclose data breach following GoAnywhere compromise

This week we reported on a data breach that exposed the personal and health information of around 1 million patients as result of compromises affecting Forta’s GoAnywhere Managed File Transfer (MFT) service claimed by Clop ransomware. The impacted hospital chain disclosed the breach after Forta notified them about the exploitation of a zero-day remote code execution vulnerability CVE-2023-0669 affecting one of their Internet-exposed GoAnywhere servers.

Clop ransomware has subsequently claimed responsibility for the compromise and is reported to have exfiltrated sensitive data from 130 organisations via the exploitation of this vulnerability, and whilst these claims are yet to be substantiated, security researchers have found some evidence linking the group to suspected compromises.

Owing to the commercially sensitive nature of material transferred via products such as GoAnywhere’s MFT service we anticipate that the US hospital chain is the first of many organisations likely to disclose costly data breaches over the coming weeks.

 

Subscribe below to receive the full version.

Get our latest cyber intelligence insights straight into your inbox

Fill out the short form below to subscribe to our newsletter so that you never miss out on our cyber intelligence insights and news.