Investissement Québec Hit by Clop Gang as Reports of GoAnywhere Bug Exploits Grow
Clop chief suspect in Rio Tinto hack, Kimsuky uses Chrome extension to steal Gmails, Researchers warned about Pinduoduo weeks before Google banned it, FTC seeks cloud security info, much more
The number of victims affected by a mass-ransomware attack caused by a bug in Fortra’s GoAnywhere file transfer software continues to grow, with Canadian financing giant Investissement Québec confirming that the Clop ransomware gang recently stole some employee personal information.
Clop has disclosed less than half of the 130 organizations it claimed to have compromised via GoAnywhere. It isn’t clear if Fortra, which has not publicly commented on the incident, knows which customers are affected, and their spokespeople have refused to comment.
Details on the GoAnywhere flaw only came to light on February 2 after security reporter Brian Krebs first reported details of the bug, which Fortra had hidden behind a login screen on its website. Fortra released security fixes for GoAnywhere five days later, on February 7.…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.