![]() Fortra GoAnywhere MFT data breach exposes 1 million CHS Healthcare patientsĬommunity Health Systems (CHS), an American healthcare operator with nearly 80 hospitals in 16 states, confirmed that threat actors, likely Clop ransomware, had accessed CHS Healthcare patients’ data via Fortra GoAnywhere managed file transfer tool. The Clop ransomware incident forced Accellion to pay $8.1 million to settle a class action lawsuit accusing the company of failing to implement proper security measures and detect vulnerabilities. Healthcare organizations Beaumont Health, Centene, Trinity Health, and Kroger Health also suffered the FTA data breach. ![]() The incident affected high-profile victims, including energy giant Shell, cybersecurity firm Qualys, Australian Securities and Investments Commission, Canadian aviation company Bombardier, Jones Day Law Firm, retail chain Kroger, Morgan Stanley, Singtel, Stanford University, and the University of California. The attack mirrors the December 2020 Accellion File Transfer Appliance (FTA) data breach that affected approximately 100 organizations. “Service continues to be restored on a customer-by-customer basis as mitigation is applied and verified within each environment,” Fortra wrote. Clop ransomware had told Bleeping Computer they could move laterally and deploy ransomware, although they decided against it. The company later disclosed that advanced persistent threat actors had compromised its servers and created rogue user accounts. “Particularly for customers running an admin portal exposed to the internet, we consider this an urgent matter.” “We urgently advise all GoAnywhere MFT customers to apply this patch,” Fortra stressed. Meanwhile, Fortra published instructions on disabling the impacted servlet and later released security updates, urging customers to apply the fixes urgently. “GoAnywhere MFT contains a pre-authentication remote code-execution vulnerability in the License Response Servlet due to deserializing an attacker-controlled object,” CISA wrote. This requires federal agencies to patch the vulnerability within one month to prevent the exploitation of government networks. The Cybersecurity and Infrastructure Security Agency (CISA) has added the GoAnywhere zero-day flaw to the catalog of known exploited vulnerabilities.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |