The global financial powerhouse, overseeing a staggering $1.5 trillion in managed assets, was affected by the GoAnywhere breach which also hit countless other companies in the US.
A notice to affected clients on May 23rd stated that Franklin Templeton Canada and its clients were affected by the recent cybersecurity incident experienced by third-party vendor InvestorCOM.
InvestorCOM provides regulatory compliance software and communications solutions for the finance industry. It recently fell prey to a breach of the file transfer service GoAnywhere, along with many other companies worldwide.
According to InvestorCOM, a previously undisclosed vulnerability was exploited to gain access to certain customer data. Franklin Templeton says that it had used the services of InvestorCOM to coordinate the delivery of its public disclosure documents.
The attack allegedly occurred on January 30th, 2023. Threat actors are said to have acquired personal information including names, addresses, Franklin Templeton account numbers, and dealer account numbers. The Office of the Maine Attorney General says that 89,470 people were affected by the hack.
“We immediately activated our incident response protocols, opened our own investigation, and began gathering as much information as possible from InvestorCOM,” stated Franklin Templeton.
The company claims to have implemented additional cybersecurity measures to help protect client accounts and reported the incident to all designated regulatory authorities.
Franklin Templeton has not offered affected individuals identity theft protection services, but urged their clients to remain vigilant to unauthorized account activity.
Franklin Templeton has been added to a long list of GoAnywhere breach victims. Mental healthcare company Brightline informed its clients in May that personal data was stolen due to a breach of their third-party provider for file transfer services.
Crown Resorts, Australia’s largest gaming and entertainment company, has also been contacted by a ransomware gang that claims to be exploiting the GoAnywhere vulnerability.
The gambling giant said that it was one of many breached due to a zero-day bug found on Fortra’s GoAnywhere managed file transfer, and admitted that a ransomware gang had been in contact.
More from Cybernews:
Subscribe to our newsletter