Multiple class-action lawsuits have already been launched in the United States following the massive data breaches and exploitation related to Fortra's GoAnywhere MFT file transfer software in January.
Now those lawsuits may be piling up north of the border. A law firm in Saskatchewan, Canada — Merchant Law Group — has launched a nationwide class action suit. The claimants are Canadian investors in Mackenzie Financial who allege their personal information was compromised in a hack linked to GoAnywhere.
The defendants in this case include Mackenzie Financial and Edward Jones; Investor.com, a company responsible for managing information provided to clients of investment firms; and Fortra.
For a class action suit to move forward, it needs the approval of a judge.
The lawsuit brought forth on behalf of Mackenzie investors residing in B.C., Manitoba, Saskatchewan, and Newfoundland and Labrador, asserts that Mackenzie and Edward Jones enlisted the services of Investor.com for data transfer. This included the exchange of personal and financial details between employees and partners. Investor.com and Edward Jones purportedly utilized the cloud version of GoAnwhere (named GoAnywhere MFTaaS) for this purpose.
According to the lawsuit, hackers took advantage of a zero-day flaw in GoAnywhere MFTaaS in late January. This allowed them to set up unauthorized accounts in the systems of certain public and private sector clients and proceed to duplicate data. Fortra confirmed this incident in a public statement later.
On March 28, Investor.com allegedly informed Mackenzie and Edward Jones about the breach in GoAnywhere MFTaaS and revealed that names, addresses, and Social Insurance numbers of Mackenzie's customers had been exposed.
The Cl0p ransomware group has publicly claimed responsibility for the breach. The lawsuit attempts to link this recent attack to a similar incident that occurred in 2021, where the Cl0p gang exploited a vulnerability in the Accellion file transfer application.
"The Defendants failed to take precautionary steps despite the well-documented history of Clop attackers employing similar strategies to steal data from over 100 companies using Accellion FTA," according to the lawsuit. It further claims that despite numerous advisories published in 2021 detailing the cause of the previous attack and suggesting prevention methods, the defendants didn't show due diligence in thwarting potential attacks on GoAnywhere.
These accusations are yet to be substantiated in court.
In May, Mackenzie Financial assured InvestmentExecutive.com that customers' financial details, such as account balances and holdings, were not impacted by the breach.
Several organizations have disclosed that they fell prey to the GoAnywhere vulnerability, including Hitachi Energy, Cineplex, Onex, and Charles Schwab/TD Ameritrade.
In the United States, various class actions have been filed against both Fortra and its clients. DataBreachToday.com reports that NationsBenefits Holdings, a third-party benefits administrator, and health insurance provider Aetna are among the implicated parties. The allegations in these lawsuits are yet to be confirmed in court.
From outstanding individuals to innovative organizations, find out who made the final shortlist for top honors at the IN awards, now in its second year.
Cresset's Susie Cranston is expecting an economic recession, but says her $65 billion RIA sees "great opportunity" to keep investing in a down market.
“There’s a big pull to alternative investments right now because of volatility of the stock market,” Kevin Gannon, CEO of Robert A. Stanger & Co., said.
Sellers shift focus: It's not about succession anymore.
Platform being adopted by independent-minded advisors who see insurance as a core pillar of their business.
RIAs face rising regulatory pressure in 2025. Forward-looking firms are responding with embedded technology, not more paperwork.
As inheritances are set to reshape client portfolios and next-gen heirs demand digital-first experiences, firms are retooling their wealth tech stacks and succession models in real time.
