Security firm Rubrik is latest to be felled by GoAnywhere vulnerability

Rubrik, the Silicon Valley data security company, said that it experienced a network intrusion made possible by a zero-day vulnerability in a product it used called GoAnywhere.

In an advisory posted on Tuesday, Rubrik CISO Michael Mestrovich said an investigation into the breach found that the intruders gained access to mainly internal sales information, including company names and contact information, and a limited number of purchase orders from Rubrik distributors. The investigation, which was aided by an unnamed third-party company, concluded there was no exposure of sensitive information such as Social Security numbers, financial account numbers, or payment card data.

“We detected unauthorized access to a limited amount of information in one of our non-production IT testing environments as a result of the GoAnywhere vulnerability,” Mestrovich wrote. “Importantly, based on our current investigation, being conducted with the assistance of third-party forensics experts, the unauthorized access did NOT include any data we secure on behalf of our customers via any Rubrik products.”

Mestrovich left key details out of the disclosure, most notably when the breach happened and when or if Rubrik patched the vulnerability. On February 2, Cybersecurity company Fortra privately warned customers it had identified zero-day exploits of a vulnerability in its GoAnywhere MFT, an enterprise-grade managed file transfer app. Fortra urged customers to take steps to mitigate the threat until a patch became available. On February 6, Fortra fixed the vulnerability, tracked as CVE-2023-0669, with the release of version 7.1.2

Leave a Comment