Consumer goods giant Procter & Gamble (P&G) has reportedly fallen victim to cybercriminals who posted its commercial data on a dark-web blog that is often used for blackmail purposes. P&G has confirmed that one of its subsidiaries was targeted due to a vulnerability in Fortra’s GoAnywhere system. The Russia-linked ransomware group, Cl0p, has claimed responsibility for the attack, which it says exploited a zero-day bug in the managed file transfer service. According to Cl0p’s website, the leaked P&G data was taken from a server that stored the company’s information on GoAnywhere’s cloud infrastructure.
The leaked data indicates that Cl0p’s attack targeted one of Procter & Gamble’s regional distribution branches in a major US city. The data includes information on businesses that purchase P&G’s products, such as Amazon and Walmart.
However, P&G’s claim that sensitive customer data was not accessed seems to be supported by the samples provided by Cl0p, which primarily focus on commercial clients’ purchases. The vulnerability in Fortra’s GoAnywhere has also affected multiple other companies in recent weeks, including Munich Re, Virgin Red, Pluralsight, Shell, and Hitachi.
While some of the companies affected by Cl0p claimed that the exposed data had little impact on their daily activities, Cl0p has reportedly received an estimated $500 million in payouts since 2019. P&G is a market leader in consumer goods, with reported sales of $80.2 billion in fiscal year 2022. The company produces popular brands such as Tide, Pampers, and Gillette and employs over 100,000 people worldwide, according to Fortune.