Community Health Systems reports GoAnywhere hacked

Community Health Systems reports GoAnywhere hacked

The healthcare company says the protected health information of as many as one million patients was exposed in a wave of zero-day attacks targeting Fortra's MFT platform. The incident that led to the unlawful disclosure of Community Health Systems' patient data was reported to the Securities and Exchange Commission by a third-party vendor for secure file transfer. According to the technical notice published on Infosec.exchange by renowned security researcher Brian Krebs, the GoAnywhere managed file transfer platform initially alerted users of a zero-day remote code injection attack on February 1. According to the Fortra bulletin Krebs accessed and shared, "The attack vector of this exploit requires access to the administrative console of the application, which is typically only accessible from within a private company network, through [virtual private network] or by allow-listed IP addresses (when running in cloud environments, such as Azure or AWS).




Next Article

Did you find this useful?

Medigy Innovation Network

Connecting innovation decision makers to authoritative information, institutions, people and insights.

Medigy Logo

The latest News, Insights & Events

Medigy accurately delivers healthcare and technology information, news and insight from around the world.

The best products, services & solutions

Medigy surfaces the world's best crowdsourced health tech offerings with social interactions and peer reviews.


© 2024 Netspective Foundation, Inc. All Rights Reserved.

Built on Nov 22, 2024 at 12:50pm