Security giant Rubrik says hackers used Fortra zero-day to steal internal data
By Editor - Tue Mar 14, 1:22 pm
- Comments Off on Security giant Rubrik says hackers used Fortra zero-day to steal internal data
- Tweet
Silicon Valley-based data security company Rubrik has come forward as the latest victim of the Fortra GoAnywhere zero-day vulnerability, which has been linked to hacks targeting a hospital chain and a bank. In a blog post published on Tuesday, Rubrik’s chief information security officer Michael Mestrovich said that attackers had gained access to the company’s non-production IT testing environments as a result of the flaw in Fortra’s GoAnywhere file-transfer software, which Rubrik uses for sharing internal data. This vulnerability, tracked as CVE-2023-0669 , first came to light on February 2 after security journalist Brian Krebs publicly shared details of Fortra’s paywalled security advisory. Fortra released a patch for the actively-exploited flaw five days later on February 7. Mestrovich said that since learning of the flaw last month, Rubrik conducted a “comprehensive review” of the affected data with an unnamed third-party firm, which found that the data accessed mainly consists of Rubrik internal sales information, including “certain customer and partner company names, business contact information, and a limited number of purchase orders from Rubrik distributors.” “The third-party firm has also confirmed that no sensitive personal data such as Social Security numbers, financial account numbers, or payment card numbers were exposed,” Mestrovich said
See the article here:
Security giant Rubrik says hackers used Fortra zero-day to steal internal data
- Comments Off on Security giant Rubrik says hackers used Fortra zero-day to steal internal data
- Tweet