• Fri. Aug 18th, 2023

High-Profile Global Financial Center Compromised: $1.5 Trillion in Assets Exposed due to GoAnywhere Vulnerability

Aug 10, 2023
$1.5 Trillion Exposed in Financial Center Breach
Esme Greene

The GoAnywhere platform of a global financial center, responsible for managing $1.5 trillion in assets, has fallen victim to a cyberattack.

Customers of Franklin Templeton Canada, along with the firm itself, received a notification stating that they were impacted by a cyber incident involving InvestorCOM, a third-party vendor.

InvestorCOM is an expert in offering software and communication solutions that go by legal specifications and are especially suited for the financial sector.

According to InvestorCOM, the hack used an as-yet-unknown vulnerability to provide unauthorized users access to some client data. For the purpose of organizing the distribution of its public materials, Franklin Templeton used InvestorCOM’s services.

Breach Details & Response Efforts

The intrusion happened on January 30, 2023. Personal information like names, addresses, Franklin Templeton account numbers, and dealer account numbers were accessible to the hackers. The attorney general’s office acknowledged that the attack had an impact on around 89,470 people.

The business has opened an inquiry to learn more about the nature of the intrusion. Franklin Templeton has also added further cybersecurity safeguards to protect consumer accounts and swiftly informed the appropriate regulatory authorities about the occurrence.

Although Franklin Templeton did not provide identity theft protection services to those who were impacted, they did urge clients to be on the lookout for any indications of illegal account activity.

The Clop ransomware group, which exploited a zero-day vulnerability in the GoAnywhere MFT secure file transfer application, recently claimed responsibility for data theft from more than 130 enterprises globally.

When the administrator interface is reachable over the Internet, the CVE-2023-0669 vulnerability enables attackers to run arbitrary code on unpatched instances of GoAnywhere MFT. A Shodan search turned up slightly over a thousand similar occurrences on the Internet.