Last Updated on 17/03/2023 by TheDigitalHacker
This is unique and hilarious at the same time. The company that helps businesses secure their data, and recover from data breaches got its data breached.
Looks like hackers behind GoAnywhere zero-day attack really took this as a challenge and won.
Rubrik, a California-based cloud data management, security and backup company has confirmed that it has been the victim of a data breach following a zero-day attack on GoAnywhere, a secure file transfer software used by the company.
The reason of the breach?
According to reports, the attackers exploited a vulnerability in the software that allowed them to bypass authentication and access data stored on the servers. As a result, Rubrik’s sensitive information was stolen.
The company has released a statement confirming the breach and stating that it is currently conducting an investigation into the incident. They have urged their customers to update their GoAnywhere software(a file transfer software) to the latest version to mitigate any potential risks.
In addition, Rubrik has reported the incident to the relevant authorities and is working closely with law enforcement agencies to identify the perpetrators and bring them to justice.
Rubrik’s data breach serves as a reminder of the importance of implementing strong cybersecurity measures and regularly updating software to prevent attacks. Zero-day vulnerabilities are particularly dangerous as they are often unknown to the software vendor, making them difficult to detect and defend against.
The incident also highlights the need for organizations to have effective incident response plans in place to quickly respond to and mitigate the impact of data breaches.
Rubrik has assured its customers that it takes data privacy and security seriously and will continue to take all necessary steps to protect its customers’ data. The company has advised customers to monitor their accounts for any suspicious activity and to report any concerns immediately.
The strategy of targeting security companies is not new, this has happened with LastPass and other companies before including OCTA.
Updates:
- third-party forensics experts are working on the reason of the breach and data leak scope. So far, there has been no lead from rubrics products.
-
Test environment was taken offline to prevent further intrusions.
-
The spread is being stopped by making part of the systems shut down and new isolations
- The clop ransomware gang has given a critical message and added Rubrik to their data leak site. They have shared samples of stolen files and stated that the data would soon be publicly released
- In the screenshot, the excel sheet data contacting employee name, email, and location.
What is Zero-day vulnerability?
A zero-day vulnerability is a security flaw in a software system or application that is unknown to the vendor and for which there is no patch or fix available. In other words, it is a vulnerability that has not yet been discovered or publicly disclosed, giving attackers a window of opportunity to exploit it before the vendor can develop and release a patch to fix it.
How dangerous is zero day vulnerability?
Zero-day vulnerabilities can be particularly dangerous as they give attackers a significant advantage over defenders. Since the vulnerability is unknown to the vendor, there are no patches or updates available to mitigate the risk, leaving users of the software or application vulnerable to attacks until a fix is released. Zero-day vulnerabilities can be used by attackers to gain unauthorized access to systems, steal data, or execute malicious code.