Accenture hit by massive ransomware attack

security
(Image credit: Shutterstock / binarydesign)

Accenture, counted amongst the world’s largest IT consultancy firms, has confirmed that its network has been breached by the LockBit ransomware.

The news of the attack, first reported by CNBC Senior Washington correspondent Eamon Javers on Twitter, has since been confirmed by Accenture itself. 

“These people are beyond privacy and security. I really hope that their services are better than what I saw as an insider. If you’re interested in buying some databases, reach us,” reads LockBit’s post on the dark web according to Javers, hinting that the attack was a classic double-extortion campaign where the hackers not only encrypt sensitive data, but also exfiltrate it with threats to leak, for additional pressure. 

TechRadar needs yo...

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> <a href="https://project.tolunastart.com/tqsruntime/main?surveyData=LFFFsT0HpgsyUe0tTFumBJohXK8Sedt0ARpsCF4DRGR+oCoVbvd+2+d8+UNIIx4L" data-link-merchant="project.tolunastart.com"" target="_blank">Click here to start the survey in a new window <<

Accenture is the latest of the high-profile victims of ransomware operators who are now actively targeting billion-dollar corporations. In fact the number of ransomware attacks in 2021 has already surpassed last years’ total since businesses aren’t averse to paying the threat actors to prevent data leaks.

Negotiations underway?

Notably, while LockBit didn’t initially put up any proof of the stolen data, Javers tweeted that the group published over two thousand documents after the expiry of the initial countdown.

Soon after however, the files were replaced by another countdown timer, leading to speculation that the leak was enough to convince Accenture to negotiate with the threat actors.

While acknowledging the attack, Accenture played down its impact, assuring customers that it was on top of the situation.

“Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers. We fully restored our affected systems from backup. There was no impact on Accenture’s operations, or on our clients’ systems,” assured Accenture in a statement to Reuters.

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.