The City of Toronto, Among This Week’s Victims of GoAnywhere Attacks
Other Victims Are UK’s Virgin Red and Pension Protection Fund.
The City of Toronto announced a data breach caused by GoAnywhere attacks. Clop ransomware, the gang responsible for exploiting the vulnerability in GoAnywhere also impacted UK’s Virgin Red and Pension Protection Fund.
This week’s victims ad up to the other 130 organizations that Clop claims to have breached until now.
The Toronto Data Breach
The authorities discovered the breach on March 20, 2023, and they are currently investigating the damages. We still don’t know the impact of this incident on City data.
Today, the City of Toronto has confirmed that unauthorized access to City data did occur through a third party vendor. The access is limited to files that were unable to be processed through the third party secure file transfer system.
City of Toronto spokesperson via BleepingComputer
The bug, which is currently listed as CVE-2023-0669, allows for remote code execution on an unpatched GoAnywhere solution.
Other Attacks from This Week
This week’s GoAnywhere attacks list also includes UK’s Virgin Red, Virgin Group’s rewards system, and Pension Protection Fund (PPF).
Virgin Red declared that the extracted files don’t include any personal information of customers or employees. While the Pension Protection Fund (PPF) breach affected employee data. In consequence, PPY informed and offered support to current and former employees affected by the incident.
PPF has stopped using GoAnywhere since and continues to work closely with Fortra, its security partners, and the law enforcement agencies as a part of investigatory activities.
To protect themselves from such cyberattacks, businesses that use the vulnerable GoAnywhere secure file transfer solution should patch their systems as soon as possible.