Another GoAnywhere Attack Affects Japanese Giant Hitachi Energy

Hitachi Energy confirmed that it was the victim of a data breach, part of the GoAnywhere attacks. The Clop ransomware gang exploited a Fortra GoAnywhere MFT (Managed File Transfer) zero-day vulnerability to gain access.

The Japanese engineering and technology giant provides energy solutions and power systems. Hitachi Energy has a $10 billion yearly income.

Details About the Hitachi Energy Data Breach

The company announced the data breach saying that the impact of this security incident is still under investigation.

We recently learned that a third-party software provider called FORTRA GoAnywhere MFT (Managed File Transfer) was the victim of an attack by the CLOP ransomware group that could have resulted in an unauthorized access to employee data in some countries.

Source

Hitachi Energy representatives are assuring that response measures are in place. IT specialists disconnected the compromised system (GoAnywhere MFT), and all affected employees received notification about the incident, as well as data protection authorities, and law enforcement agencies.

Until now, network operation and customer data security don’t seem affected.

The Forta GoAnywhere Attacks

Clop ransomware breached Hitachi Energy by exploiting a zero-day vulnerability in the GoAnywhere file-sharing software. The flaw now tracked as CVE-2023-0669 was first discovered on February 3, 2023.

Source

On February 6, 2023, an exploit for this bug was released, and by February 10, 2023, Clop bragged that it had used the exploit to attack 130 organizations. Next, the threat actors extorted victims by demanding ransom for the exfiltrated data.

Among other high-profile victims of these attacks are: the healthcare giant Community Health Systems (CHS), fintech platform Hatch Bank, and cybersecurity firm Rubrik.

If you liked this article, follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.

Newsletter

If you liked this post, you will enjoy our newsletter.

Get cybersecurity updates you'll actually want to read directly in your inbox.

I agree to have the submitted data processed by Heimdal Security according to the Privacy Policy

Andreea Chebac

Digital Content Creator

Andreea is a digital content creator within Heimdal® with a great belief in the educational power of content. A literature-born cybersecurity enthusiast (through all those SF novels…), she loves to bring her ONG, cultural, and media background to this job.