Breaking news: Canada’s Onex acknowledges being caught by GoAnywhere MFT compromise

Share post:

One of Canada’s biggest asset management companies is the latest victim of the hack of Forta’s GoAnywhere MFT managed file transfer platform.

A spokesperson for Onex Corp. this morning confirmed that an unspecified amount of company data was exposed in the compromise of GoAnywhere MFT

“This wasn’t a direct breach of Onex’s systems,” emphasized the spokesperson, a senior official who spoke on condition that they not be identified. “It was a third-party provider that was impacted that we have some data [with] that has been affected. We are dealing with our clients appropriately.”

The spokesperson then confirmed the impacted data was through GoAnywhere MFT. The confirmation came after the Clop ransomware group listed Onex on its data leak site.

The spokesperson wouldn’t say when Onex learned its data was compromised, nor the type of data, nor how much data, other than to say the breach was “fairly contained.” Nor would they say if Onex has been contacted by the attacker.

Onex has investments in a wide range of companies, including Toronto-based Celestica, one of the world’s biggest electronics manufacturers, Calgary-based airline WestJet, and Chatters Canada, a national hair salon chain. Onex has just over $50 billion in assets under management.

According to its just-released financials, the company made $235 million last year.

Other corporate victims of the GoAnywhere MFT compromise include Rubrik, Hatch Bank, and Community Health Systems. All three are headquartered in the U.S.. In a statement Monday, Rubrik said it “detected unauthorized access to a limited amount of information in one of our non-production IT testing environments as a result of the GoAnywhere vulnerability. Importantly, based on our current investigation, being conducted with the assistance of third-party forensics experts, the unauthorized access did not include any data we secure on behalf of our customers via any Rubrik products.”

At this point, it’s unclear how many organizations have been hacked via the GoAnywhere vulnerability, said Brett Callow, a British Columbia-based threat analyst for Emsisoft. Clop has listed and then delisted more than one company, possibly indicating that those companies paid to be removed from the site, he said.

The Clop gang told Bleeping Computer it stole data from over 130 organizations through a zero day vulnerability in GoAnywhere MFT.

Fortra markets GoAnywhere MFT as a secure managed file transfer service that allows organizations to centralize, simplify, and automate data movement. It can be deployed on-premises or in the cloud.

The post Breaking news: Canada’s Onex acknowledges being caught by GoAnywhere MFT compromise first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.


Related articles

Microsoft announces enhanced security feature for OneNote

Microsoft has released further information on the increased security measures it is deploying for OneNote in order to...

Russian hacker group steals Emails of NATO officials and diplomats

Since February 2023, a Russian hacking gang known as TA473 or 'Winter Vivern' has targeted unpatched Zimbra endpoints...

Canadian cybersecurity accelerator counts its accomplishments

A Canadian university-associated business accelerator for helping early-stage cybersecurity companies says its first two years of operation have been more than satisfactory. The Rogers Cybersecure Catalyst Accelerator has had “an incredible impact” on Canadian cybersecurity entrepreneurs and founders, executive director Charles Finlay said this week in the first report on the program’s progress. Despite having

Crackdown on ransomware gangs yet to show an impact: OpenText

In its annual cybersecurity report OpenText also looked at malware, phishing and infec

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways