Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data by exploiting the GoAnyway zero-day vulnerability.
Hitachi Energy which is a department of Japanese engineering and technology giant Hitachi focused on energy solutions and power systems and has an annual revenue of $10 billion.
The attack was done by exploiting a zero-day vulnerability, now tracked as CVE-2023-0669, in the Fortra GoAnywhere MFT (Managed File Transfer) that was first disclosed on February 3, 2023.
Hitachi stated that it responded to the incident immediately, disconnected the impacted system (GoAnywhere MFT), and initiated an internal investigation to determine the breach’s impact.
All affected employees, applicable data protection authorities, and law enforcement agencies have been informed of the security incident directly by Hitachi.
The firm assured that they have no information that neither their network operations nor the security or reliability of customer data have been compromised.
According to the private advisory published by Fortra, the zero-day is a remote code injection issue that impacts GoAnywhere MFT. The vulnerability can only be exploited by attackers with access to the administrative console of the application.
When Fortra admitted the zero-day on for its GoAnywhere secure file-sharing product at the start of February, the Clop ransomware group took advantage of the security flaw to breach numerous high-profile organizations globally.
On February 6, 2023, an exploit for CVE-2023-0669 was publicly released, and on February 10, 2023, Clop declared that it had already breached 130 organizations leveraging the vulnerability in GoAnywhere MFT.