Fortune 500 company Accenture has fell victim to a ransomware attack but said today the incident did not impact its operations and has already restored affected systems from backups.
News of the attack became public earlier this morning when the company’s name was listed on the dark web blog of the LockBit ransomware cartel.
The LockBit gang claimed it gained access to the company’s network and was preparing to leak files stolen from Accenture’s servers at 17:30:00 GMT.
In an emailed statement, Accenture not only confirmed the attack but also greatly played down its impact.
Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers. We fully restored our affected systems from back up. There was no impact on Accenture’s operations, or on our clients’ systems.
But while Accenture said the incident was quickly contained, this didn’t stop the hackers from threatening to leak files they stole from the company’s internal network.
Just before this article was published, the countdown timer on the LockBit gang’s leak site also reached zero.
However, due to the high load on LockBit’s platform, none of the data could be either viewed or downloaded. Nevertheless, as interest dies down, the site is expected to recover and allow third-parties to download and analyze Accenture’s data.
In the meantime, questions remain unanswered about the incident, with the biggest being how the LockBit gang managed to gain access to the network of one of the world’s largest multinationals.
Earlier today on Twitter, several cybersecurity firms began speculating and sharing theories about the Accenture hack. None offered any evidence for their claims, including one that went as far as to speculate that the ransomware attack was the result of a malicious insider.
Unverified screenshot but…🤔 pic.twitter.com/yJDKjWBINF
— Ely (@ely_sec) August 11, 2021
But while Accenture passed the incident as a mere scratch, the aftermath of this attack is expected to create at least some bad publicity for the company as a cyber-insurance provider.
However, Accenture wouldn’t be the first cyber-insurance provider to suffer a ransomware attack, as something similar also happened to AXA Group earlier this year.
Last week, the ACSC, Australia’s cybersecurity agency, had sent out an alert warning of a spike of activity from the LockBit gang.
The post Accenture downplays ransomware attack as LockBit gang leaks corporate data appeared first on The Record by Recorded Future.
Source: Read More (The Record by Recorded Future)