Intellihartx, a technology firm, has informed approximately 490,000 individuals that their personal information was compromised in a zero-day attack on the GoAnywhere file transfer tool.
The Clop ransomware group executed the attack, stealing personal and health information from 489,830 individuals. The breach occurred earlier this year, exploiting the CVE-2023-0669 vulnerability.
The breach was initially discovered by Intellihartx on February 2, 2023, prompting an immediate investigation into the extent of the incident. On March 24, the company completed its initial review and began notifying affected individuals on April 11.
Further analysis, conducted in collaboration with Fortra, the secure file transfer protocol provider, was completed on May 10 to determine the scope of the compromised information.
Compromised data may include individuals’ names, addresses, medical billing and insurance details, medical information like diagnoses and medications, as well as demographic information such as date of birth and Social Security numbers.
Intellihartx has not detected any misuse of the stolen information but has notified law enforcement and is offering one year of free credit monitoring services through Experian to affected individuals. Additionally, the company has provided guidance on preventing identity theft and fraud.
Intellihartx joins the list of organizations targeted in a broader hacking campaign exploiting the GoAnywhere vulnerability, with other victims including the City of Toronto, Rubrik, Onex, Axis Bank, Rio Tinto, Hitachi Energy, and Virgin Group.
The Clop ransomware group has also claimed responsibility for the recent MOVEit Transfer MFT zero-day attack, affecting notable organizations like Aer Lingus, British Airways, the BBC, Zellis, and the Canadian province of Nova Scotia.