Security

Fortra told breached companies their data was safe

Comment

a manipulated photo of the Clop ransomware leaks page, displaying domains targeting by ransomware on a multi-colored blurry text
Image Credits: TechCrunch (screenshot) / PhotoMosh

Software maker Fortra told its corporate customers that their data was safe — even when it wasn’t — following a ransomware attack on its systems, TechCrunch has learned.

As we have been reporting, the Clop ransomware gang exploited a newly discovered bug in Fortra’s GoAnywhere file transfer software, used by thousands of organizations to transfer sensitive data over the internet. The bug allowed the ransomware gang to hack in and carry out a mass ransomware attack on January 31. The Russia-linked Clop gang claimed it compromised about 130 organizations that were using the vulnerable GoAnywhere tool at the time of the ransomware attack.

Now, new victims are coming to light.

Consumer goods giant Procter & Gamble confirmed to TechCrunch that it was “one of the many companies affected by Fortra’s GoAnywhere incident” and that hackers had obtained some information of its employees as a result. Healthcare and wellness program provider US Wellness also disclosed this week that consumers’ personal and protected health data may have been compromised because of a third-party breach. TechCrunch has learned that US Wellness was a GoAnywhere customer at the time of the ransomware attack.

As the number of victims grows, more details are also beginning to come to light about how Fortra handled the incident.

TechCrunch has heard from two victim organizations that only learned that data had been exfiltrated from their GoAnywhere systems after they each received a ransom demand. Both organizations had been previously told by Fortra that their data was unaffected by the ransomware attack.

One of the organizations told TechCrunch that they realized the situation had changed when it was contacted by the purported hackers but said that the organization has not entered into any negotiations or paid a ransom demand.

When asked about this by email, Fortra spokesperson Rachel Woodford would not comment but did not dispute what the two organizations had told us or that Fortra had told customers their data was safe. Fortra did not make CISO Chris Reffkin available for an interview.

The full impact of the mass-hack resulting from the GoAnywhere vulnerability remains unknown. Fortra would not say, despite repeated requests by TechCrunch, if the company’s in-house GoAnywhere systems storing customers’ data were compromised during the ransomware attack.

The Clop ransomware gang has added dozens of new victims to its dark web leak site over the past few days — including payment software startup AvidXchange, investment giant Onex, the U.K.’s Pension Protection Fund, and the City of Toronto — all of which were identified by TechCrunch as organizations that used vulnerable GoAnywhere file transfer software at the time of the breach, along with dozens of other organizations.

It follows other additions to its leak pages, including Colombian energy giant Grupo Vanti, Australian gambling giant Crown Resorts, and Medex Healthcare.

Fortra has not yet publicly confirmed its January breach beyond an inaccessible advisory on its website. Fortra’s most recent press release on March 16 announced that the company had been awarded “best cybersecurity company” by the Cybersecurity Excellence Awards, an industry award paid for by submitting companies and which Fortra sponsors.


If you know more about the Fortra bug or breach, you can contact Carly Page securely on Signal at +441536 853968, or by email. You can also contact Zack Whittaker on Signal and WhatsApp at +1 646-755-8849 or zack.whittaker@techcrunch.com. You can also reach us via SecureDrop.

New victims come forward after mass-ransomware attack

More TechCrunch

OpenAI is removing one of the voices used by ChatGPT after users found that it sounded similar to Scarlett Johansson, the company announced on Monday. The voice, called Sky, is…

OpenAI is removing ChatGPT’s AI voice that sounds like Scarlett Johansson

Copilot, Microsoft’s brand of generative AI, will soon be far more deeply integrated into the Windows 11 experience.

Microsoft Build 2024: All the AI and hardware products Microsoft announced

Hello and welcome back to TechCrunch Space. For those who haven’t heard, the first crewed launch of Boeing’s Starliner capsule has been pushed back yet again to no earlier than…

TechCrunch Space: Star(side)liner

When I attended Automate in Chicago a few weeks back, multiple people thanked me for TechCrunch’s semi-regular robotics job report. It’s always edifying to get that feedback in person. While…

These 81 robotics companies are hiring

The top vehicle safety regulator in the U.S. has launched a formal probe into an April crash involving the all-electric VinFast VF8 SUV that claimed the lives of a family…

VinFast crash that killed family of four now under federal investigation

When putting a video portal in a public park in the middle of New York City, some inappropriate behavior will likely occur. The Portal, the vision of Lithuanian artist and…

NYC-Dublin real-time video portal reopens with some fixes to prevent inappropriate behavior

Longtime New York-based seed investor, Contour Venture Partners, is making progress on its latest flagship fund after lowering its target. The firm closed on $42 million, raised from 64 backers,…

Contour Venture Partners, an early investor in Datadog and Movable Ink, lowers the target for its fifth fund

Meta’s Oversight Board has now extended its scope to include the company’s newest platform, Instagram Threads, and has begun hearing cases from Threads.

Meta’s Oversight Board takes its first Threads case

The company says it’s refocusing and prioritizing fewer initiatives that will have the biggest impact on customers and add value to the business.

SeekOut, a recruiting startup last valued at $1.2 billion, lays off 30% of its workforce

The U.K.’s self-proclaimed “world-leading” regulations for self-driving cars are now official, after the Automated Vehicles (AV) Act received royal assent — the final rubber stamp any legislation must go through…

UK’s autonomous vehicle legislation becomes law, paving the way for first driverless cars by 2026

ChatGPT, OpenAI’s text-generating AI chatbot, has taken the world by storm. What started as a tool to hyper-charge productivity through writing essays and code with short text prompts has evolved…

ChatGPT: Everything you need to know about the AI-powered chatbot

SoLo Funds CEO Travis Holoway: “Regulators seem driven by press releases when they should be motivated by true consumer protection and empowering equitable solutions.”

Fintech lender SoLo Funds is being sued again by the government over its lending practices

Hard tech startups generate a lot of buzz, but there’s a growing cohort of companies building digital tools squarely focused on making hard tech development faster, more efficient and —…

Rollup wants to be the hardware engineer’s workhorse

TechCrunch Disrupt 2024 is not just about groundbreaking innovations, insightful panels, and visionary speakers — it’s also about listening to YOU, the audience, and what you feel is top of…

Disrupt Audience Choice vote closes Friday

Google says the new SDK would help Google expand on its core mission of connecting the right audience to the right content at the right time.

Google is launching a new Android feature to drive users back into their installed apps

Jolla has taken the official wraps off the first version of its personal server-based AI assistant in the making. The reborn startup is building a privacy-focused AI device — aka…

Jolla debuts privacy-focused AI hardware

The ChatGPT mobile app’s net revenue first jumped 22% on the day of the GPT-4o launch and continued to grow in the following days.

ChatGPT’s mobile app revenue saw its biggest spike yet following GPT-4o launch

Dating app maker Bumble has acquired Geneva, an online platform built around forming real-world groups and clubs. The company said that the deal is designed to help it expand its…

Bumble buys community building app Geneva to expand further into friendships

CyberArk — one of the army of larger security companies founded out of Israel — is acquiring Venafi, a specialist in machine identity, for $1.54 billion. 

CyberArk snaps up Venafi for $1.54B to ramp up in machine-to-machine security

Founder-market fit is one of the most crucial factors in a startup’s success, and operators (someone involved in the day-to-day operations of a startup) turned founders have an almost unfair advantage…

OpenseedVC, which backs operators in Africa and Europe starting their companies, reaches first close of $10M fund

A Singapore High Court has effectively approved Pine Labs’ request to shift its operations to India.

Pine Labs gets Singapore court approval to shift base to India

The AI Safety Institute, a U.K. body that aims to assess and address risks in AI platforms, has said it will open a second location in San Francisco. 

UK opens office in San Francisco to tackle AI risk

Companies are always looking for an edge, and searching for ways to encourage their employees to innovate. One way to do that is by running an internal hackathon around a…

Why companies are turning to internal hackathons

Featured Article

I’m rooting for Melinda French Gates to fix tech’s broken ‘brilliant jerk’ culture

Women in tech still face a shocking level of mistreatment at work. Melinda French Gates is one of the few working to change that.

1 day ago
I’m rooting for Melinda French Gates to fix tech’s  broken ‘brilliant jerk’ culture

Blue Origin has successfully completed its NS-25 mission, resuming crewed flights for the first time in nearly two years. The mission brought six tourist crew members to the edge of…

Blue Origin successfully launches its first crewed mission since 2022

Creative Artists Agency (CAA), one of the top entertainment and sports talent agencies, is hoping to be at the forefront of AI protection services for celebrities in Hollywood. With many…

Hollywood agency CAA aims to help stars manage their own AI likenesses

Expedia says Rathi Murthy and Sreenivas Rachamadugu, respectively its CTO and senior vice president of core services product & engineering, are no longer employed at the travel booking company. In…

Expedia says two execs dismissed after ‘violation of company policy’

Welcome back to TechCrunch’s Week in Review. This week had two major events from OpenAI and Google. OpenAI’s spring update event saw the reveal of its new model, GPT-4o, which…

OpenAI and Google lay out their competing AI visions

When Jeffrey Wang posted to X asking if anyone wanted to go in on an order of fancy-but-affordable office nap pods, he didn’t expect the post to go viral.

With AI startups booming, nap pods and Silicon Valley hustle culture are back

OpenAI’s Superalignment team, responsible for developing ways to govern and steer “superintelligent” AI systems, was promised 20% of the company’s compute resources, according to a person from that team. But…

OpenAI created a team to control ‘superintelligent’ AI — then let it wither, source says