"Casino Giant Crown Resorts Investigating Ransomware Group’s Data Theft Claims"
Australian casino giant Crown Resorts recently confirmed that the Cl0p ransomware group contacted them to claim they had stolen data as part of the GoAnywhere attack. The incident occurred in late January when a zero-day vulnerability in Fortra’s GoAnywhere managed file transfer (MFT) software was exploited to access files belonging to Fortra customers. The exploitation of the bug tracked as CVE-2023-0669 and patched in early February was attributed to a Russian-speaking threat actor associated with the Cl0p ransomware, which recently started adding the names of alleged victims to its Tor-based leak site. The Cl0p ransomware operators have claimed the theft of data from roughly 130 organizations that used GoAnywhere, with some of them already confirming potential impact. The company stated that no customer data had been compromised, and their business operations were unaffected. They noted that they would provide relevant updates as necessary.