More Canadian organizations have acknowledged that a file transfer vulnerability managed by GoAnwhere MFT is being victimized by the Clop ransomware gang. The Klopp gang has told Bleeping Computers that it has targeted 130 organizations using the vulnerability.
Movie chain Cineplex Inc said on Thursday it was a hit. This comes after Klopp listed Cineplex in a detailed list of victims. And the City of Toronto has acknowledged that it too has been a victim.
“We recently became aware of a data security incident involving a third-party supplier that Cineplex uses for data transfer services,” Judy Lung, director of communications for Cineplex, said in an email. IT World Canada. “Fortra GoAnywhere MFT (Managed File Transfer) was the victim of a zero-day cyber attack. We immediately notified all Cineplex employees who may have been affected and took steps to protect and support them. Cineplex’s operations were not affected and Nor was any customer data accessed or compromised.
publicly traded cineplex just reported February box office revenue $37 million.
Last week, Toronto-based Onex Corp., one of Canada’s largest asset management companies, also admitted, is a victim,
The City of Toronto says it was also a victim. “On March 20 the city became aware of a possible unauthorized access to city data,” a spokesperson said in an email. “Today, the City of Toronto confirmed that unauthorized access to City data occurred through a third-party vendor. Access is limited to files that the third party was unable to process through the secure file transfer system. City identification Actively examining the details of the files made.
The spokesperson added that “the unauthorized access to city data is related to a zero-day vulnerability in Forterra’s Goenware service.”
Fortra markets GoAnywhere MFT as a secure managed file transfer service that allows organizations to centralize, simplify and automate data movement. It can be deployed on-premises or in the cloud.
