BleepingComputer reports that U.S. luxury brand retailer Saks Fifth Avenue had its systems claimed to be breached by the Clop ransomware operation in an attack leveraging a zero-day security vulnerability in the Fortra GoAnywhere Managed File Transfer system, tracked as CVE-2023-0669.
However, only Saks' mock customer data has been compromised as a result of the attack, according to a Saks spokesperson.
"The mock customer data does not include real customer or payment card information and is solely used to simulate customer orders for testing purposes," said Saks, which noted that investigation into the incident is still ongoing as it declined to answer the attack's impact on corporate or employee information.
More than 130 organizations were claimed by Clop to be compromised using the Fortra GoAnywhere security flaw in February and Saks' disclosure comes only days after Hitachi Energy confirmed having experienced a data breach as a result of the same vulnerability.
Officials at the City of Augusta, Georgia, have been noted by Mayor Garnett Johnson to have not communicated with the BlackByte ransomware operation that took credit for a cyberattack against the city that commenced on May 21, according to The Record, a news site by cybersecurity firm Recorded Future.
Attacks exploiting a zero-day in the MOVEit Transfer file transfer app to compromise various servers and facilitate data exfiltration efforts have been admitted by the Clop ransomware operation, also known as Lace Tempest, TA505, and FIN11, after the intrusions have been attributed to the group by Microsoft, reports BleepingComputer.