Fintech banking platform Hatch Bank has announced that it suffered a data breach that resulted in the theft of personal information belonging to almost 140,000 of its customers.
The attack was conducted through the Fortra GoAnywhere MFT secure file-sharing platform, which was exploited via a zero-day vulnerability (CVE-2023-0669).
While Hatch Bank did not disclose the attacker’s identity, the Clop ransomware group claimed responsibility for the breach. Hatch Bank has confirmed that customer names and social security numbers were among the data that was stolen. The bank is providing affected customers with access to free credit monitoring services for one year.
This is not the first data breach involving the GoAnywhere MFT platform. Community Health Systems (CHS) announced a similar incident last month.
The Clop ransomware gang has claimed that it stole data from over 130 organizations through the zero-day vulnerability in Fortra’s GoAnywhere MFT software.
The group has a reputation for extorting money from its victims by demanding a ransom, with previous demands for similar attacks reaching as high as $10 million. It is not yet known whether the group is demanding ransoms for the GoAnywhere MFT attacks, but the release of stolen data is expected in the future.
The Clop group is also linked to the Accellion FTA attacks of December 2020, which targeted companies worldwide, including Shell, Qualys, and Kroger.
The group also targeted universities, including Stanford Medicine, the University of Colorado, and the University of Miami. Like the GoAnywhere MFT platform, Accellion FTA enables companies to share files with their customers securely.
The group demanded a $10 million ransom from victims in exchange for not publishing the stolen data. With the GoAnywhere MFT attacks, it is not yet known whether a similar strategy will be employed.
The Hatch Bank data breach highlights the importance of zero-day vulnerability management and software security updates. The breach highlights the potential consequences of vulnerabilities, and it is important for businesses to implement robust cybersecurity policies and update their security software promptly to avoid these types of breaches.
