Toronto, others confirm impact from Clop GoAnywhere attacks

Ongoing Clop ransomware attacks leveraging a zero-day security vulnerability in the Fortra GoAnywhere Managed File Transfer system, tracked as CVE-2023-0669, have impacted the City of Toronto, as well as the U.K.'s Virgin Red and Pension Protection Fund, reports BleepingComputer. Toronto was earlier added by Clop ransomware to its list of victims but only confirmed on Thursday that some of its files have been compromised as a result of the attack on Fortra GoAnywhere systems. "The access is limited to files that were unable to be processed through the third-party secure file transfer system," said a City of Toronto spokesperson. Meanwhile, Virgin Group admitted that Clop's GoAnywhere attacks have exposed certain files from its rewards club Virgin Red but a spokesperson emphasized that no personal data from employees or customers has been compromised. However, U.K. statutory public corporation Pension Protection Fund had data from its current and former employees potentially impacted by the attack. "We would stress that our own systems have not been compromised and we remain vigilant, working to the very highest information security standards and certifications," said PPF.