Hatch Bank, a financial technology firm, has reported a data breach after hackers stole the personal information of almost 140,000 customers from the company's Fortra GoAnywhere MFT secure file-sharing platform. According to data breach notifications sent to impacted customers and filed with Attorney General's offices, hackers exploited a vulnerability in the GoAnywhere MFT software, tracked as CVE-2023-0669, to steal the data of 139,493 customers.
"On January 29, 2023, Fortra experienced a cyber incident when they learned of a vulnerability located in their software," reads the Hatch Bank data breach notification. "On February 3, 2023, Hatch Bank was notified by Fortra of the incident and learned that its files contained on Fortra’s GoAnywhere site were subject to unauthorized access." The bank determined that customers' names and social security numbers were stolen by the attackers and is providing free access to credit monitoring services for twelve months to affected individuals.
This is the second confirmed data breach caused by the GoAnywhere MFT attacks, with the first one disclosed by Community Health Systems (CHS) last month. While Hatch Bank did not disclose what threat actor conducted the attack, the Clop ransomware gang told BleepingComputer that they were behind these attacks and had stolen data from over 130 organizations. As part of these attacks, the Clop ransomware gang attempted to extort victims by demanding a $10 million ransom to prevent the stolen data from being published. "We will begin to see stolen data appear on their data leak site in the future," warned Huntress Threat Intelligence Manager Joe Slowik.