hitachienergy

Hitachi Energy reported a data breach. The Clop ransomware group obtained firm data by taking use of the most current GoAnywhere zero-day vulnerability.

The business was the focus of an extensive effort that used the zero-day vulnerability to target GoAnywhere MFT devices all around the world.

Hitachi Energy disconnected the affected machine and started an inquiry into the issue right away. Law enforcement authorities and a data protection monitor were notified by the corporation of the data leak.

The business emphasised that neither the security of its customers' data nor the network operations were affected.

Source: https://securityaffairs.com/143640/data-breach/hitachi-energy-data-breach.html

TPRM report: https://scoringcyber.rankiteo.com/company/hitachienergy

"id": "hit15831023",
"linkid": "hitachienergy",
"type": "Data Leak",
"date": "03/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'industry': 'Energy',
                        'name': 'Hitachi Energy',
                        'type': 'Corporation'}],
 'attack_vector': 'Zero-day vulnerability',
 'description': 'Hitachi Energy reported a data breach. The Clop ransomware '
                'group obtained firm data by taking use of the most current '
                'GoAnywhere zero-day vulnerability. The business was the focus '
                'of an extensive effort that used the zero-day vulnerability '
                'to target GoAnywhere MFT devices all around the world. '
                'Hitachi Energy disconnected the affected machine and started '
                'an inquiry into the issue right away. Law enforcement '
                'authorities and a data protection monitor were notified by '
                'the corporation of the data leak. The business emphasised '
                "that neither the security of its customers' data nor the "
                'network operations were affected.',
 'impact': {'systems_affected': ['GoAnywhere MFT devices']},
 'initial_access_broker': {'entry_point': 'GoAnywhere MFT devices'},
 'investigation_status': 'Investigation started',
 'ransomware': {'ransomware_strain': 'Clop'},
 'response': {'containment_measures': ['Disconnected the affected machine'],
              'law_enforcement_notified': True},
 'threat_actor': 'Clop ransomware group',
 'title': 'Hitachi Energy Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'GoAnywhere MFT zero-day vulnerability'}

hitachienergy

Lazarus Naturals

Estes Forwarding Worldwide

Synnovis