Enterprise cybersecurity tools, such as routers, firewalls, and VPNs, exist to protect corporate networks from intruders and malicious hackers, something that is particularly important in today’s age of widespread remote and hybrid working.

But while pitched as tools that help organizations stay safe from outside threats, many of these products have time and again been found to contain software bugs that allow malicious hackers to compromise the very networks these products were designed to protect.

These bugs have been blamed for an explosion in mass-hacking campaigns in recent years, whereby malicious hackers abuse these often easy-to-exploit security flaws to break into the networks of thousands of organizations and steal sensitive company data.

We’ve put together a brief history of mass hacks, and will update this article when more inevitably come to light.

January 2023: Fortra file-transfer tool hacks hit 130 organizations

One of the first mass hacks of this decade saw a notorious ransomware crew exploit a vulnerability in Fortra’s GoAnywhere managed file transfer software, a product used by companies to share large files and sensitive datasets over the internet. The prolific Clop ransomware gang exploited the bug to compromise more than 130 organizations and steal the personal data of millions of individuals.