Japanese tech giant Hitachi confirmed that it was targeted by Clop ransomware actors through a zero-day vulnerability in the Fortra GoAnywhere secure file transfer protocol.

Tracked as CVE-2023-0669, the vulnerability resides in the administrative web interface and could be exploited by a remote attacker to achieve remote code execution via a malicious request. Fortra released an emergency patch to address the flaw back in February 2023, warning that the bug was being actively exploited by threat actors.

Hitachi has admitted the hack after the Cl0p ransomware group claimed dozens of victims on its data leak site, including some high-profile companies such as Shell and Bombardier and higher education institutions like Stanford or Colorado universities.

“We recently learned that a third-party software provider called FORTRA GoAnywhere MFT (Managed File Transfer) was the victim of an attack by the CLOP ransomware group that could have resulted in an unauthorized access to employee data in some countries,” Hitachi said in a statement.

Following the incident the tech giant disconnected the third-party system and launched an investigation to determine the nature and the scope of the attack. The company said that currently there’s no indication that its network operations or customer data was affected in the breach.

Last week, US-based cloud data management and data security company Rubrik admitted it was hacked in a similar attack that saw some of its corporate information stolen by hackers. Sensitive personal data such as social security numbers, financial account numbers, or payment card numbers is said to have not been impacted in the breach.