U.S. multinational consumer goods manufacturer Procter & Gamble has confirmed having data from an undisclosed number of employees compromised in a Clop ransomware attack involving the exploitation of a zero-day flaw in the Fortra GoAnywhere Managed File Transfer system, tracked as CVE-2023-0669, BleepingComputer reports.
Despite the compromise of certain employee data, P&G emphasized that no financial or Social Security details have been impacted. There is also no evidence suggesting any compromise of customer information, according to P&G, which noted that it also halted usage of Fortra GoAnywhere MFTs.
"When we learned of this incident in early February, we promptly investigated the nature and scope of the issue, disabled [the] use of the vendor's services, and notified employees," said P&G.
P&G's confirmation comes after the City of Toronto, Canada, Saks Fifth Avenue, Hitachi Energy, Rubrik, Hatch Bank, and Community Health Systems acknowledged being impacted by Clop ransomware, which claimed to have compromised more than 130 organizations with the GoAnywhere bug.
Operations of California's Solano Partner Libraries and St. Helena, or SPLASH, continue to be interrupted weeks after the county's library network was targeted by a ransomware attack earlier this month, StateScoop reports.
Several rootkit-like capabilities could be obtained by threat actors through the exploitation of vulnerabilities in Windows' DOS-to-NT path conversion process, including file and process concealment and compromised prefetch file analysis, reports The Hacker News.
Open-source DevOps software project GitLab has also been impacted by the same security issue in GitHub comments that has been exploited by threat actors through Microsoft repository-linked URLs to facilitate the distribution of malware that was made to seem to originate from credible entities' official source code repositories, according to BleepingComputer.