Rubrik Discloses Hackers Stole Internal Data via Zero-Day Exploit

Fortra advised Rubrik of the zero-day remote code execution vulnerability,

Edward Gately, Senior News Editor

March 15, 2023

2 Min Read
Zero Day Exploit
Shutterstock

Rubrik, the zero trust data security company, has disclosed hackers stole some of its data, including internal sales information, using a zero-day vulnerability.

Michael Mestrovich, Rubrik’s CISO, confirmed the cyber incident in a blog. He said the unauthorized access via zero-day exploit didn’t include any data Rubrik secures on behalf of its customers.

Mestrovich-Michael_Rubrik.jpg

Rubrik’s Michael Mestrovich

“In February of this year, one of our vendors, Fortra, the developers of the GoAnywhere Managed File Transfer, advised of a zero-day remote code execution vulnerability,” he said. “It has been reported that this vulnerability is being actively exploited across more than 100 organizations globally.”

According to Bleeping Computer, the Clop ransomware gang recently added Rubrik to their data leak site. They shared samples of stolen files. In addition, they said they will publicly release data soon.

GoAnywhere is a secure web file transfer solution. It allows companies to securely transfer encrypted files with their partners while keeping detailed audit logs of who accessed the files.

Data Stolen from Non-Production IT Testing Environment

Rubrik detected unauthorized access to a limited amount of information in one of its non-production IT testing environments.

“The current investigation has determined there was no lateral movement to other environments,” Mestrovich said. “Rubrik took the involved non-production environment offline, and leveraged our own security systems and solutions to quickly contain the threat and help restore our test environment.”

Third-party forensics experts are assisting Rubrik with its investigation into the incident.

“The involved data mainly consists of Rubrik internal sales information, which includes certain customer and partner company names, business contact information, and a limited number of purchase orders from Rubrik distributors,” Mestrovich said.

A third-party firm is assisting Rubrik in its review of the involved data. The firm confirmed no sensitive personal data was exposed, Mestrovich said. That includes Social Security numbers, financial account numbers or payment card numbers.

“As a cybersecurity company, the security of customer data we maintain is our highest priority,” Mestrovich said. “If we learn additional, relevant information we will update this post.”

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.

Read more about:

VARs/SIs

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like