More Canadian organizations have acknowledged being victimized by the GoAnwhere MFT managed file transfer vulnerability leveraged by the Clop ransomware gang. The Clop gang has told Bleeping Computer that it has hit 130 organizations using the vulnerability.
Movie chain Cineplex Inc. said Thursday it was hit. This comes after Cineplex was listed by Clop on its expanding list of victims. And the City of Toronto admitted it is also a victim.
“We recently learned of a data security incident involving a third-party supplier that Cineplex used for data transfer services,” Judy Lung, Cineplex’s director of communications, said in an email to IT World Canada. “Fortra GoAnywhere MFT (Managed File Transfer) was the victim of a zero-day cyber attack. We immediately informed all Cineplex employees who may have been affected and took steps to protect and support them. Cineplex operations were not impacted nor was any customer data accessed or compromised.”
Publicly-traded Cineplex just reported February box office revenues of $37 million.
Last week Toronto-based Onex Corp., one of Canada’s biggest asset management companies, admitted it, too, is a victim.
UPDATE: The City of Toronto says it, too, was victimized. “On March 20, the City became aware of potential unauthorized access to City data,” a spokesperson said in an email. “Today, the City of Toronto has confirmed that unauthorized access to City data did occur through a third party vendor. The access is limited to files that were unable to be processed through the third party secure file transfer system. The City is actively investigating the details of the identified files.”
The spokesperson added that “the unauthorized access to City data is related to the zero-day vulnerability in Fortra’s GoAnywhere service.”
Fortra markets GoAnywhere MFT as a secure managed file transfer service that allows organizations to centralize, simplify, and automate data movement. It can be deployed on-premises or in the cloud.