Procter & Gamble confirm breach

Published: 24 March 2023
Last updated: 28 March 2023
Procter Gamble Cl0p
Image by Cybernews.

Procter & Gamble (P&G), a US consumer goods behemoth, confirmed one of its companies was affected by Fortra’s GoAnywhere vulnerability.

P&G confirmed the suspected breach saying “one of the many companies” was indeed victimized due to Fortra’s GoAnywhere vulnerability. P&G told Cybernews that attackers obtained “some information” about the company’s employees.

“The data that was obtained by the unauthorized party did not include information such as social security numbers or national identification numbers, credit card details, or bank account information,” the company’s representative told Cybernews.

ADVERTISEMENT

Russia-linked ransomware syndicate Cl0p recently claimed dozens of victims on its dark web blog, citing the zero-day bug found on Fortra’s GoAnywhere managed file transfer. Shell, Hitachi, Hatch Bank, Stanford University, Rubrik, Virgin, and many others are among the claimed victims.

P&G claims that the company learned about the incident in early February. The company then immediately launched an investigation, disabled the use of Fortra’s services, and notified company employees about the cyberattack.

Procter Gamble
P&G listed on Cl0p's leak site. Image by Cybernews.

“At this time, there is no indication that customer data was affected by this issue. Our business operations are continuing as normal,” the representative said.

P&G is a market leader in consumer goods, with reported sales of $80.2 billion for the fiscal year 2022. According to Fortune, the company employs over 100,000 people worldwide.

Cl0p ransomware has been around since 2019. The gang has also been at the forefront of the ransomware world, with estimated payouts reaching $500 million in November 2021.

Even though the gang stopped operations following the arrest of its several affiliates in late 2021, Cl0p came back to life earlier this month. Since then, the gang has been on a spree, reportedly adding multiple victims each day.

The use of the GoAnywhere zero-day flaw was confirmed by the cybercriminals themselves, adding the vulnerability was used to supposedly breach a whopping 130 organizations.

ADVERTISEMENT

Experts believe the gang’s openness about using the zero-day bug point to the tool being obsolete. The gang might have created a smokescreen by pushing security teams to frantically look for exposed systems while attempting to move laterally or abuse other vendors.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked