UK Pension Protection Fund – Latest victim of GoAnywhere breach
UK pension fund is the most recent organization on a growing list of entities that has been impacted by the breach.
According to a fund representative, hackers used a third-party data transfer provider to gather information on certain UK Pension Protection Fund workers.
According to the Pension Protection Fund’s website, it administers £39 billion in assets for its 295,000 members. When a company experiences financial difficulty, the fund protects those with defined-benefit pensions. A spokesman for the fund, Jenny Peters, revealed that hackers accessed certain employee data by abusing the Go Anywhere transfer service.
According to Peters:
The fund employs GoAnywhere for some secure data transmission, via which the hackers were able to access some of the fund’s data. According to her, the stolen data “was not tied to our members or pensioners.
Employees that were impacted were given assistance in the form of an Experian monitoring service.
On Thursday, the ransomware group said that it had attacked the company. The Pension Protection Fund was mentioned in a post by the Cl0p organization on its website as one of its most recent victims. The group is well known for deploying ransomware to lock down the computers of its victims so that they cannot be accessed, then demanding money to free the files while threatening to post stolen data online.
Hackers had taken advantage of a software flaw in Fortra’s data transfer solution, which was developed by GoAnywhere, the company said in a statement at the beginning of February. According to the technology news website Bleeping Computer, the CLOP gang said it had taken advantage of GoAnywhere’s security flaw to steal data from over 130 firms. Upon being contacted for comment, a Fortra spokesperson didn’t react right away.
One of the victims was Community Health Systems Inc., an American healthcare organization. It reported the GoAnywhere attack had exposed patient data and predicted that around 1 million people may have been compromised in a filing with the Securities and Exchange Commission.
According to cybersecurity company Trend Micro Inc., the Russian-speaking ransomware gang Cl0p has been most active in recent years, extorting hundreds of millions of dollars from its victims.
Author: Komal Gaware