Grupo Vanti

Grupo Vanti operates within Colombia's energy sector. As an energy company headquartered in Colombia, its core business activities involve providing energy-related services within the national market. The specific nature of its products or services, such as generation, transmission, distribution, or retail, is not detailed in the provided source material. Similarly, explicit information regarding its operational scale, market reach beyond Colombia, workforce size, or notable physical footprint is unavailable from the given context. Ownership structure, including whether Grupo Vanti is a standalone entity or part of a larger corporate group, is also not specified within the known incident report.

Grupo Vanti was identified as a user of Fortra's GoAnywhere file transfer software. In early 2023, a significant ransomware attack exploited a vulnerability in this software, impacting Grupo Vanti alongside numerous other global organizations. The Russia-linked Clop ransomware gang claimed responsibility for the attack, stating they compromised approximately 130 entities. Attackers exfiltrated sensitive data, including employee information, tax documents, and healthcare records, from victims across multiple sectors, leveraging this stolen data for extortion by threatening public leaks on their dark web portal. While some affected organizations confirmed substantial data breaches impacting millions, Grupo Vanti did not publicly confirm or detail any compromise or data loss during the initial reporting period following the incident. The company's status as a GoAnywhere user placed it among the entities potentially affected by this widespread cyberattack.