Franklin Templeton, a global financial center that manages $1.5 trillion in assets, has recently fallen victim to a cyber attack on the GoAnywhere platform. The company and its clients, including Franklin Templeton Canada, suffered from a security breach which was traced back to a third-party supplier of Investorcom.
Investorcom provides software and communication solutions to the financial industry to ensure they meet regulatory requirements. According to Investorcom, hackers used a previously unknown vulnerability to obtain access to certain customer data. Franklin Templeton used Investorcom’s services to coordinate delivery of public documents.
The attack happened on January 30th, 2023, where hackers obtained names, addresses and account numbers of both Franklin Templeton and its dealers. As per the Prosecutor General’s Office, 89,470 individuals were affected by the breach.
The company has launched an investigation on the incident to clarify the circumstances of the hack. It has also implemented additional cybersecurity measures to protect customer accounts and informed regulatory authorities of the incident. Unfortunately, Franklin Templeton did not offer personal data theft protection to victims but advised customers to remain vigilant of unauthorized actions in their accounts.
Earlier in February, the Clop extortion gang claimed they had stolen data from over 130 organizations worldwide, utilizing a zero-day vulnerability (CVE-2023-0669) in GoAnywhere MFT for safe file transmission. It allowed hackers to remotely execute code on incorporate GoAnywhere MFT when its administrative console was open for internet access. Shodan scans showed there are only just over 1,000 copies throughout the entire internet.