Breaking news: Canada’s Onex acknowledges being caught by GoAnywhere MFT compromise

Share post:

One of Canada’s biggest asset management companies is the latest victim of the hack of Forta’s GoAnywhere MFT managed file transfer platform.

A spokesperson for Onex Corp. this morning confirmed that an unspecified amount of company data was exposed in the compromise of GoAnywhere MFT

“This wasn’t a direct breach of Onex’s systems,” emphasized the spokesperson, a senior official who spoke on condition that they not be identified. “It was a third-party provider that was impacted that we have some data [with] that has been affected. We are dealing with our clients appropriately.”

The spokesperson then confirmed the impacted data was through GoAnywhere MFT. The confirmation came after the Clop ransomware group listed Onex on its data leak site.

The spokesperson wouldn’t say when Onex learned its data was compromised, nor the type of data, nor how much data, other than to say the breach was “fairly contained.” Nor would they say if Onex has been contacted by the attacker.

Onex has investments in a wide range of companies, including Toronto-based Celestica, one of the world’s biggest electronics manufacturers, Calgary-based airline WestJet, and Chatters Canada, a national hair salon chain. Onex has just over $50 billion in assets under management.

According to its just-released financials, the company made $235 million last year.

Other corporate victims of the GoAnywhere MFT compromise include Rubrik, Hatch Bank, and Community Health Systems. All three are headquartered in the U.S.. In a statement Monday, Rubrik said it “detected unauthorized access to a limited amount of information in one of our non-production IT testing environments as a result of the GoAnywhere vulnerability. Importantly, based on our current investigation, being conducted with the assistance of third-party forensics experts, the unauthorized access did not include any data we secure on behalf of our customers via any Rubrik products.”

At this point, it’s unclear how many organizations have been hacked via the GoAnywhere vulnerability, said Brett Callow, a British Columbia-based threat analyst for Emsisoft. Clop has listed and then delisted more than one company, possibly indicating that those companies paid to be removed from the site, he said.

The Clop gang told Bleeping Computer it stole data from over 130 organizations through a zero day vulnerability in GoAnywhere MFT.

Fortra markets GoAnywhere MFT as a secure managed file transfer service that allows organizations to centralize, simplify, and automate data movement. It can be deployed on-premises or in the cloud.

The post Breaking news: Canada’s Onex acknowledges being caught by GoAnywhere MFT compromise first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, April 24, 2024 – Good news/bad news in Mandiant report, UnitedHealth admits paying a ransomware gang, and more

This episode reports on the danger of using expired open-source packages, a tool used by a Russian hacking group and passw

Google Play introduces new biometric verification with a user warning

Google has recently announced updates to the biometric verification process for Google Play purchases, aiming to bolster security...

Cyber Security Today, Week in Review for week ending Friday April 19, 2024

On this episode Jen Ellis, co-chair of the Ransomware Task Force, talks about ways of fighting one of the biggest cyber threats to IT d

Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more

This episode reports on a threat actor targeting governments in the Middle East with a novel way of hiding malware is going international

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways