Canada’s Onex acknowledges being caught by GoAnywhere MFT compromise

One of Canada’s biggest asset management companies is the latest victim of the hack of Forta’s GoAnywhere MFT managed file transfer platform.

A spokesperson for Onex Corp. this morning confirmed that an unspecified amount of company data was exposed in the compromise of GoAnywhere MFT

“This wasn’t a direct breach of Onex’s systems,” emphasized the spokesperson, a senior official who spoke on condition that they not be identified. “It was a third-party provider that was impacted that we have some data [with] that has been affected. We are dealing with our clients appropriately.”

The spokesperson then confirmed the impacted data was through GoAnywhere MFT. The confirmation came after the Clop ransomware group listed Onex on its data leak site.

The spokesperson wouldn’t say when Onex learned its data was compromised, nor the type of data, nor how much data, other than to say the breach was “fairly contained.” Nor would they say if Onex has been contacted by the attacker.

Onex has investments in a wide range of companies, including Toronto-based Celestica, one of the world’s biggest electronics manufacturers, Calgary-based airline WestJet, and Chatters Canada, a national hair salon chain. Onex has just over $50 billion in assets under management.

According to its just-released financials, the company made $235 million last year.

Other corporate victims of the GoAnywhere MFT compromise include Rubrik, Hatch Bank, and Community Health Systems. All three are headquartered in the U.S.. In a statement Monday, Rubrik said it “detected unauthorized access to a limited amount of information in one of our non-production IT testing environments as a result of the GoAnywhere vulnerability. Importantly, based on our current investigation, being conducted with the assistance of third-party forensics experts, the unauthorized access did not include any data we secure on behalf of our customers via any Rubrik products.”

At this point, it’s unclear how many organizations have been hacked via the GoAnywhere vulnerability, said Brett Callow, a British Columbia-based threat analyst for Emsisoft. Clop has listed and then delisted more than one company, possibly indicating that those companies paid to be removed from the site, he said.

The Clop gang told Bleeping Computer it stole data from over 130 organizations through a zero day vulnerability in GoAnywhere MFT.

Fortra markets GoAnywhere MFT as a secure managed file transfer service that allows organizations to centralize, simplify, and automate data movement. It can be deployed on-premises or in the cloud.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now