A hacker group attacked IT consulting firm Accenture using LockBit ransomware and threatened to release the data in several hours, a CNBC reporter tweeted.
Accenture said it has restored certain affected systems.
“Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers,” Accenture said in a statement on Wednesday.
“We restored our affected systems from backup, and there was no impact on Accenture’s operations, or on our clients’ systems.”
Accenture provides management and technology consulting services to clients including e-commerce giant Alibaba, Cisco and Alphabet’s Google, according to their 2020 annual report.
Accenture, a global cyber consulting company providing management and consulting services, have been breached by a cyber threat using a strain of ransomware known as LockBit.
LockBit attacks are known for their ability to encrypt Windows domains by using Active Directory group policies. Once a domain is infected, new group policies are generated by the malware and sent to devices linked to the network.
Using LockBit 2.0, the attacker claims to have stolen over 6TB of Accenture’s data and is demanding $50M in exchange. LockBit operators claimed to have gained access to Accenture’s network and were preparing to leak files stolen from Accenture’s servers at 17:30:00 GMT. The hack was announced on the leak site, stating that:
However, with the level of controls, the clientele involved, and the possible data at risk, some are arguing that this is severely downplaying the breach. In fact, the ransom of $50 million has still not been confirmed by Accenture and, with Accenture not answering questions regarding what had specifically been affected, if data had been accessed or even how much the ransomware demand was/is, no hard confirmation has been supplied by them yet.
A SecurityHQ expert said ransomware attacks are increasing by the day. “You need to be prepared. Read our whitepaper on Ransomware Controls – SecurityHQ’s Zero Trust x40, for 40 recommendations to help your organization safeguard against threats, both future and current.”