Accenture Suffers Ransomware Attack; USD 50 Million Ransom Demanded

Recently, Accenture released a statement that the organization suffered a ransomware attack that compromised the giant’s confidential data. The nefarious actors, who employed LockBit to cripple the MNC, have threatened to release the company’s data to the public.

The attack was first reported by CNBC correspondent Eamon Javers who spotted a post on the Dark Web which stated the nefarious actors, known as LockBit 2.0, were willing to sell Accenture’s insider information to interested parties.

Although Accenture commented that they contained the attack by isolating the servers, the hacker group published thousands of files on the Dark Web. These files include quotes, case studies, and other detailed documents that purportedly rock the boat of Accenture. However, the company downplayed the impact of the attack by stating that there is no overall impact.

The ransomware, LockBit, first emerged in September 2019 and is often perceived as one of the most efficient ransomware strains as most of the attack functions can be automated. The ransomware strain encrypts the compromised data using AES protocol, and the nefarious actors typically demand a huge ransom to unlock the data. Due to the automation advantages, the room for failure in this ransomware attack is low. That makes LockBit one of the preferred ransomware variants globally.

Also Read: How Can Companies Be More Resilient in the Face of Ransomware Threats?

It is appalling that though Accenture spotted LockBit ransomware in their servers on July 30, the giant didn’t report the attack until CNBC broke the news on August 11. Although the company sent out a cybersecurity report focused on ransomware attacks, the company omitted the LockBit attack entirely.

As per the internal memo secured by CyberScoop, the data theft pertains to a “small number” of Accenture clients, and “none of the information is of a highly sensitive nature.” IT Threat intelligence company Hudson Rock stated that 2,500 computers of Accenture and its partners were compromised before the attack. LockBit 2.0 likely executed the attack using these compromised computers.

LockBit 2.0 has put forth a ransom demand of USD 50 million for the stolen 6 TB data. However, Accenture has not commented on the ransom demand yet. The giant said that they have fully restored their affected servers from their backup reserve.

However, the situation is bleak as LockBit 2.0’s has threatened to release further details soon. Accenture’s nebulous stance is not helping it nor anyone in this matter.

Also Read: Poly Network Suffers Major Crypto Heist, Hackers Haul Away USD 600 Million!


Accenture CEO Julie Sweet

In an investor call in June 2021, Accenture CEO Julie Sweet stated that Accenture would focus on security. “We’re going to make acquisitions to scale…to add new skills and opportunities,” she said. “We’ve built a lot of interactive through acquisitions [through] those renewed skills and capabilities [as well as] deepen industry and functional knowledge.

This is a continuation of that. The advantage we have is our financial capacity to make investments and to increase our investment for the benefit of our clients and all of our stakeholders. When we see the right opportunities, we’re going to continue to have that discipline around making strategic acquisitions.”

Ironically, Accenture has recently acquired Novelta, a cybersecurity firm that primarily provides security services to the U.S. government, in June 2021. The Accenture executives firmly believed that the acquisition would bring in advanced capacities which will fortify their solutions. However, despite the acquisition and attack detection in July, the solutions giant was nothing but helpless in the face of the attack.

Also Read: How small businesses can fend off cyber attacks

Underscoring the ransomware threat was the IDC survey, which observed that one-third of the surveyed organizations suffered a ransomware attack. From Colonial Pipeline to JBS to Kaseya, various industries are falling prey to ransomware variants.

Moreover, only 13 percent of the attacked organizations chose not to pay the ransom. Judging from these recent attacks, it is clear that the cybercriminals have realized that IT and critical infrastructure sectors are lucrative and easy targets.

Contact Us

More Articles: