Accenture under ransomware attack, stolen data could end up online
Accenture under ransomware attack
Accenture, a well-known company that operates in the consulting sector all over the world and which can count on many important customers, including Alibaba, Cisco and Google, recently confirmed that it was attacked by the LockBit group, which managed to enter possession of more than 6TB of data from the company's servers, demanding $ 50 million as a ransom. Fortunately, Accenture was able to recover the data from a backup, so the operation didn't affect its operations much.A hacker group using Lockbit Ransomware says they have hacked the consulting firm Accenture and will release data in several hours, CNBC has learned. They are also offering to sell insider Accenture information to interested parties.
- Eamon Javers (@EamonJavers) August 11, 2021
We've already told you about Lockbit on occasion of the recent attack on the Lazio region. As we told you in our article, "LockBit uses the" Ransomware as a Service "(RaaS) model: it means that developers provide their customers with infrastructure and malware, receiving a share of the ransom for decrypting files. The attack on the victim’s network is the responsibility of the purchaser of the service, and when it comes to distributing ransomware over the network, LockBit has designed an innovative technology that has been extensively described by Kaspersky experts. After the cybercriminals gain access to the network and reach the domain controller [...] they run their malware on the same controller. This creates new user group policies, which are then automatically distributed to each device on the network “.
Criminals are apparently ready to publish the stolen data online, as well as sell it to interested third parties. Cyble researchers also considered the possibility that it could have been an "insider job", bribing one of the employees to access the internal network.
#Accenture data release postponed! #Ransomware #LockBit # Lockbit2 pic.twitter.com/0Ns9LrtvCV
- Andrea Draghetti 👨🏻💻 🎣 (@AndreaDraghetti) August 11, 2021
At the moment, the online publication of the documents, in case the ransom is not paid, is scheduled for tonight at 20:43, so Accenture still has a few hours to fulfill the demands of the ransomware group.
Look for a good card mother to pair with the new Ryzen processors? ASUS ROG Strix X570-F with 14 power phases might be a good choice. You can find it on Amazon at a discounted price.
Accenture says affected systems restored after ransomware attack
Bengaluru: Accenture Plc said it has fully restored certain affected systems, after a CNBC reporter tweeted of a hacker group saying it attacked the IT consulting firm using LockBit Ransomware and threatened to release the data in several hours.'Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers,' Accenture said in a statement. 'We fully restored our affected systems from backup, and there was no impact on Accenture's operations, or on our clients' systems.'
Accenture provides management and technology consulting services to clients including e-commerce giant Alibaba, Cisco and Alphabet Inc.'s Google, according to their 2020 annual report.FacebookTwitterLinkedin