Rubrik, an American data protection company, has confirmed that the CL0P hacking group gained access to one of the company’s servers. Samples of the stolen data have reportedly appeared on the CL0P group’s site.
According to Michael Metrovich, Rubrik Information Security Director, the hackers gained access to a “non-productive IT testing media.” The attackers exploited a zero-day remote code execution (RCE) vulnerability in Fortra GoAnywhere Managed File Transfer.
Rubrik conducted an internal investigation and found that the cybercriminals did not move laterally and did not infect other parts of the company’s IT infrastructure.
Metrovich confirmed that confidential customer data, such as social insurance numbers and financial account details, was not affected. However, certain customer and partner company names, business contact information, and details about Rubrik distributor orders were disclosed.
In an earlier statement, the Clop extortion gang claimed to have stolen data from over 130 organizations worldwide using the GoAnywhere MFT vulnerability. The CVE-2023-0669 vulnerability allows an attacker to remotely execute code on unpatched instances of GoAnywhere MFT when the administrative console is accessible from the Internet.