Rubrik, a well-known cybersecurity firm, is unfortunately not impervious to cyber threats despite its commitment to scanning for weaknesses in applications and networks in order to enhance security and privacy.

The globally-utilized cloud data management service was challenged by an internal crisis, instead of a disaster recovery situation.

Vulnerabilities can be found in all types of companies, large or small. Rubrik recently experienced a large-scale attack that exploited a zero-day vulnerability in their GoAnywhere MFT devices. What is known about this incident? Read on to find out.

A Different Weakness – The Guardian Needs Safeguarding

No matter how reliable a business may be when it comes to security and privacy, there is always a chance of vulnerability. This is evidenced by the Log4Shell vulnerability, which even the biggest security companies in the world are worried about.

It can be said that system imperfections are unavoidable. Recently, QNAP, a Taiwanese producer of network-attached storage (NAS), reported its own PHP vulnerability.

Rubrik has recently discovered a security concern with GoAnywhere, a service intended to provide a secure method of exchanging encrypted data between companies.

This method is guaranteed to be secure, and it allows organizations to maintain precise records of what was sent and who had access to it.

A declaration was issued by Rubrik confirming the incident and reassuring customers that it was limited to the non-production IT testing setting. In addition, they have been assured that their personal information remains secure and unharmed.

A breach in security was detected in one of our non-production IT systems due to the GoAnywhere vulnerability.

Fortunately, our current investigation, with the help of outside forensics experts, has not revealed any customer data that was stored by our Rubrik products to be compromised.

Explaining the motivations behind their recent statement, it appears that the Clop ransomware gang initiated the disclosure immediately after adding Rubrik to their data leak site.

The “Very Dangerous” group of hackers has made available some examples of the pilfered records and announced that they intend to reveal all of it soon.

Rubrik maintains that their assertion is valid: no customer data was compromised. The screenshots, however, contain internal Rubrik info such as the locations, names, and email addresses of employees.

A Zero-Day Vulnerability in GoAnywhere Leads to a Data Breach in Rubrik

No matter the size or type of business, vulnerabilities are a risk that must be taken into account. Even companies whose primary focus is on cybersecurity are not immune to such issues which can be exploited by cybercriminals.

The Clop ransomware group has been operational for a while, and they seem to know when to attack. It is hoped that Rubrik will swiftly resolve this problem.

About the Author

Raymond is the primary author for Anonymistic. He's a computer scientist with extensive experience in development and cyber-security. He's also a big Marvel fan and a competitive gamer.

View Articles