Rubrik Discloses Data Breach After Exploiting GoAnywhere Zero-Day

March 15, 2023

Cybersecurity firm Rubrik has disclosed a data breach, after a ransomware group exploited a recently disclosed zero-day vulnerability in the Fortra GoAnywhere secure file transfer platform. The company was the victim of a large-scale campaign targeting GoAnywhere MFT devices worldwide. Rubrik immediately launched an investigation into the incident with the help of third-party forensics experts.

According to the company's statement, the breach was quickly contained and only impacted a non-production IT testing environment. “The current investigation has determined there was no lateral movement to other environments. Rubrik took the involved non-production environment offline and leveraged our own security systems and solutions to quickly contain the threat and help restore our test environment,” said the company. The stolen data mainly consists of Rubrik internal sales information, which includes certain customer and partner company names, business contact information, and a limited number of purchase orders from Rubrik distributors. The third-party firm has also confirmed that no sensitive personal data such as social security numbers, financial account numbers, or payment card numbers were exposed.

The Clop ransomware group added Rubrik to the list of victims on the Tor leak site and published samples of stolen documents as proof of the hack. “Importantly, based on our current investigation, being conducted with the assistance of third-party forensics experts, the unauthorized access did NOT include any data we secure on behalf of our customers via any Rubrik products,” said the company. The zero-day vulnerability (CVE-2023-0669) in Fortra’s GoAnywhere MFT secure file transfer tool was also exploited by the Clop ransomware group to breach other organizations, including the Hatch Bank and the Community Health Systems.

Related News

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.