1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Saks Fifth Avenue becomes latest Clop ransomware victim

    From TechnologyDaily@1337:1/100 to All on Wed Mar 22 14:45:04 2023
    Saks Fifth Avenue becomes latest Clop ransomware victim

    Date:
    Wed, 22 Mar 2023 14:33:23 +0000

    Description:
    Saks downplays the breach, saying the hackers took "mock data".

    FULL STORY ======================================================================

    The list of Clop ransomware victims keeps on growing, with the threat actor adding American retail icon Saks Fifth Avenue to its data leak website.

    Saks Fifth Avenue is a luxury brand retailer, offering curated shops
    featuring the latest trends in apparel, shoes, handbags, and similar.

    While the threat actor did add the retailers name to the leak site, they did not provide any additional details, such as the type of data that was taken, or whom it belonged to (for example, customers, partners, or employees). Fake data

    On the other hand, the company confirmed the data breach to BleepingComputer, with a spokesperson saying that it fell prey to the now-infamous GoAnywhere MFT vulnerability. It did, however, downplay the importance of the incident, saying the data the hackers took was bogus:

    "Fortra, a vendor to Saks and many other companies, recently experienced a data security incident that led to mock customer data being taken from a storage location used by Saks," a Saks spokesperson told the publication.
    "The mock customer data does not include real customer or payment card information and is solely used to simulate customer orders for testing purposes."

    The reporters followed up with a question whether corporate or employee data was taken, and were met with silence. Read more

    Hitachi Energy confirms data breach after being hit by Clop ransomware


    Hatch Bank says 140,000 customers had data stolen after breach


    Check out the best malware protection right now

    When Clop added Community Health Systems (CHS) to its data leak site in mid-February this year and claimed it had used a single vulnerability in GoAnywhere MFT to compromise 130 organizations, its safe to assume that very few people actually believed them, especially with the threat actors not backing these claims with any evidence at the time.

    Since then, Clop added Hatch Bank, Hitachi Energy, Ferrari, and dozens of other companies, to the leak site, giving credence to its claims.

    GoAnywhere MFT is a popular file-sharing service developed by Fortra and used by large businesses to share sensitive files, securely. It was vulnerable to CVE-2023-0669, a pre-authentication command injection vulnerability in the License Response Servlet that allowed Clops members to execute malicious
    code, remotely. These are the best endpoint protection services at the moment

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/saks-fifth-avenue-becomes-latest-clop-ransomwar e-victim


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)