Saks Fifth Avenue claimed to be compromised by Clop ransomware

BleepingComputer reports that U.S. luxury brand retailer Saks Fifth Avenue had its systems claimed to be breached by the Clop ransomware operation in an attack leveraging a zero-day security vulnerability in the Fortra GoAnywhere Managed File Transfer system, tracked as CVE-2023-0669. However, only Saks' mock customer data has been compromised as a result of the attack, according to a Saks spokesperson. "The mock customer data does not include real customer or payment card information and is solely used to simulate customer orders for testing purposes," said Saks, which noted that investigation into the incident is still ongoing as it declined to answer the attack's impact on corporate or employee information. More than 130 organizations were claimed by Clop to be compromised using the Fortra GoAnywhere security flaw in February and Saks' disclosure comes only days after Hitachi Energy confirmed having experienced a data breach as a result of the same vulnerability.