Hatch Bank, a digital-first bank that provides infrastructure for fintech companies offering their own brand credit cards, confirmed hackers exploited a zero-day vulnerability in the company’s internal file transfer software that allowed access to thousands of customer Social Security numbers.
The vulnerability in Fortra’s GoAnywhere file-transfer software came to light on February 2 after security journalist Brian Krebs publicly shared details of Fortra’s security advisory because the tech company had put the advisory behind a login prompt.
The Clop ransomware gang claimed to have exploited the zero-day flaw, tracked as CVE-2023-0669, to steal data from more than 130 organizations. Community Health Systems, one of the largest healthcare providers in the United States, was the first victim to publicly disclose it had fallen victim to the zero-day bug. Hatch Ban …
