[TheRecord] Accenture downplays ransomware attack as LockBit gang leaks corporate data

Fortune 500 company Accenture has fell victim to a ransomware attack but said today the incident did not impact its operations and has already restored affected systems from backups.

News of the attack became public earlier this morning when the company’s name was listed on the dark web blog of the LockBit ransomware cartel.

The LockBit gang claimed it gained access to the company’s network and was preparing to leak files stolen from Accenture’s servers at 17:30:00 GMT.

Image: The Record

In an emailed statement, Accenture not only confirmed the attack but also greatly played down its impact.

Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers. We fully restored our affected systems from back up. There was no impact on Accenture’s operations, or on our clients’ systems.

Accenture spokesperson

But while Accenture said the incident was quickly contained, this didn’t stop the hackers from threatening to leak files they stole from the company’s internal network.

Just before this article was published, the countdown timer on the LockBit gang’s leak site also reached zero.

However, due to the high load on LockBit’s platform, none of the data could be either viewed or downloaded. Nevertheless, as interest dies down, the site is expected to recover and allow third-parties to download and analyze Accenture’s data.

Image: The Record

In the meantime, questions remain unanswered about the incident, with the biggest being how the LockBit gang managed to gain access to the network of one of the world’s largest multinationals.

Earlier today on Twitter, several cybersecurity firms began speculating and sharing theories about the Accenture hack. None offered any evidence for their claims, including one that went as far as to speculate that the ransomware attack was the result of a malicious insider.

Unverified screenshot but…🤔 pic.twitter.com/yJDKjWBINF

— Ely (@ely_sec) August 11, 2021

But while Accenture passed the incident as a mere scratch, the aftermath of this attack is expected to create at least some bad publicity for the company as a cyber-insurance provider.

However, Accenture wouldn’t be the first cyber-insurance provider to suffer a ransomware attack, as something similar also happened to AXA Group earlier this year.

Last week, the ACSC, Australia’s cybersecurity agency, had sent out an alert warning of a spike of activity from the LockBit gang.

The post Accenture downplays ransomware attack as LockBit gang leaks corporate data appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[HackerNews] Hackers Use New Trick to Disable Macro Security Warnings in Malicious Office Files

All posts, HackerNews

While it’s a norm for phishing campaigns that distribute weaponized Microsoft Office documents to prompt victims to enable macros in order to trigger the infection chain in the background, new findings indicate that macro security warnings can be disabled entirely without requiring any user interaction. In yet another instance of malware authors continue to evolve […]

Read More

[SecurityWeek] How to Spot an Effective Security Practitioner

All posts, Security Week

By understanding what makes a great security practitioner, organizations can learn how to recruit and retain effective security practitioners read more Source: Read More (SecurityWeek RSS Feed)

Read More

[ZDNet] Fraudsters employ Amazon ‘vishing’ attacks in fake order scams

All posts, ZDNet

Case studies highlight how scam artists are using voice messages to dupe their victims into handing over credentials or cash. Source: Read More (Latest topics for ZDNet in Security)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.