"Hatch Bank Becomes the Second Data Breach Victim after GoAnywhere MFT Hack"

Hatch Bank, a Financial Technology (FinTech) banking platform, revealed that it faced a data breach caused by the attack on the Fortra GoAnywhere MFT file-sharing platform when the data of almost 140,000 customers was stolen. Hatch Bank discovered that customer names and Social Security numbers (SSNs) had been compromised after reviewing the stolen data. Two data breaches have been caused by the GoAnywhere MFT attacks to date, with the most recent one being announced by Community Health Systems (CHS). The Clop ransomware group, which is responsible for the GoAnywhere attacks, claims to have already stolen data from more than 130 organizations. The group exploited the zero-day vulnerability in Fortra's GoAnywhere MFT file-sharing platform to steal the personal data of 139,493 customers. The vulnerability, tracked as CVE-2023-0669, is a Remote Code Execution (RCE) flaw that enables remote threat actors to access servers. Although Hatch Bank did not name the threat actor responsible for the attack, Joe Slowik, Manager of Threat Intelligence at Huntress, discovered connections between the GoAnywhere MFT and TA505, a hacking gang known for launching Clop ransomware. This article continues to discuss Hatch Bank becoming another victim of a data breach caused by the attack on the Fortra GoAnywhere MFT file-sharing platform.

Cybernews reports "Hatch Bank Becomes the Second Data Breach Victim after GoAnywhere MFT Hack"