Last Updated on 24/03/2023 by TheDigitalHacker
Consumer goods giant Procter & Gamble (P&G) has confirmed a data breach resulting from a zero-day vulnerability in GoAnywhere, a secure file transfer software. The company, which owns major household brands such as Tide and Gillette, stated that the unauthorized access occurred between December 2022 and January 2023.
P&G has not disclosed the number of records compromised or the nature of the data that was accessed. However, it has reassured customers that no personal information or financial data was compromised during the breach. The company has also stated that it has taken measures to address the vulnerability in GoAnywhere and has implemented additional security controls to prevent further incidents.
GoAnywhere is a widely used software solution that enables secure file transfer and encryption. The zero-day vulnerability, which allowed unauthorized access to P&G’s data, has since been patched by the software’s vendor, Linoma Software. It is not clear whether other organizations using GoAnywhere have been affected by the vulnerability.
The company spokesperson said that the company doesn’t have any information that proves that customer information has been leaked.
Action After confirmation
P&G informed all the employees and got an alternate system to manage the files. They also mentioned that their business operation is running smoothly.
Data breaches have become increasingly common in recent years, with cybercriminals exploiting vulnerabilities in software and systems to gain access to sensitive data. Companies are urged to implement robust security measures and regularly update their systems to prevent such incidents from occurring.
P&G among 130 other companies hacked by CLOP
COPL gang mentioned that they have exploited the CVE-2023-0669 GoAnywhere vulnerability as a zero-day to breach and steal data from the secure storage servers of more than 130 organizations.
And one by one, the news is coming out about new data breaches. The reason of these breaches is very simple, they ask for a ransom and the company takes and action to resolve the issue.