Hitachi Energy has confirmed having its data stolen in a Clop ransomware attack leveraging a zero-day security vulnerability in the Fortra GoAnywhere Managed File Transfer system, tracked as CVE-2023-0669, BleepingComputer reports.
Data from employees in some countries may have been compromised in the data breach, according to Hitachi Energy, which promptly took down its GoAnywhere MFT, as well as informed impacted employees and authorities regarding the incident.
"To date, we have no information that neither our network operations nor the security or reliability of customer data have been compromised," Hitachi Energy said.
Hitachi Energy's confirmation of being impacted by attacks on Fortra's GoAnywhere file-transfer software comes after earlier disclosures by Community Health Systems, Hatch Bank, and cybersecurity firm Rubrik, which noted that only its non-production IT testing environment was affected by the breach.
Meanwhile, data extortion efforts by Clop ransomware, which declared to have compromised 130 entities using the vulnerability, commenced this month.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Such a disclosure, which is part of the Microchip's financial report for the second quarter of fiscal year 2025, comes two months after the firm confirmed the exfiltration of employee contact details, password hashes, and other data from its systems as a result of the intrusion.
Such malware compromise, which was only identified in late September, has impacted login information, names, phone numbers, emails, shipping and billing addresses, and payment card details with CVV codes and expiration dates belonging to individuals who had visited the SelectBlinds website's check-out page.