"Hackers Used Fortra Zero-Day to Steal Sales Data from Cloud Management Giant Rubrik"
Rubrik, the leader in cloud data management, has revealed that hackers attacked the company by exploiting a flaw in a popular file transfer tool. The Clop ransomware group, which has been exploiting a flaw in Fortra's GoAnywhere Managed File Transfer product, recently added Rubrik to its list of victims. According to a spokesperson for the company, a third-party assessment indicates that the hackers did not gain access to any client data protected by Rubrik. Instead, using the widely publicized zero-day vulnerability affecting GoAnywhere, the hackers gained access to one of Rubrik's non-production Information Technology (IT) testing environments. The attack affected mostly internal sales data, including customer and partner names, business contacts, and a small number of distributor purchase orders. The third-party security firm examining the incident reported that no sensitive personal information, such as Social Security numbers, financial account numbers, or credit card numbers, was exposed on the compromised systems. Rubrik CISO Michael Mestrovich stated that over 100 companies are being actively exploited via the GoAnywhere flaw. File-sharing services, such as GoAnywhere MFT, are prime targets for nation-states and criminal hackers due to the sensitive information they may hold and their widespread adoption by businesses. This article continues to discuss the exploitation of the Fortra zero-day by hackers to steal data from the cloud data management giant Rubrik.