Skip to content
Codenotary
All posts

accenture-falls-victim-to-ransomware

Accenture falls victim to ransomware

Accenture; one of the biggest IT Consultancies in the world has recently been hit by a ransomware attack carried out by Lockbit 2.0 operators. This was publicly disclosed on Lockbit’s leaks site where they were demanding a staggering $50,000,000

Accenture is known to work with a multitude of clients across a wide array of industries as outlined on their Case Studies & Stories section and as such, it employs over half a million people in as many as 50 different countries; This shows the potential reach for a cyberattack such as this, potentially endangering sensitive data from all parties involved (Company, employees and clients alike)

“These people are beyond privacy and security. I really hope that their services are better than what I saw as an insider. If you’re interested in buying some databases reach us” is posted on their leak site as a message below their counter for publishing all the leaked files

A screenshot of Lockbit's leak site advertising the possible leak/demanding payment

More on the attack

According to the Cyble research team and Hudson Rock as much as 6 TB of files and as many as 2,500 computer systems including employees and partners have been compromised

Although the main goal of a ransomware attack is usually to encrypt files in exchange for money, Accenture stated that they were able to quickly recover the affected system "We fully restored our affected systems from backup, and there was no impact on Accenture’s operations, or on our clients’ systems." but at this point, the damage was already done, the attackers had already extracted the files from the affected systems.

On Codenotary Cloud

At Codenotary we understand how important it is to secure your systems to prevent this and many other similar incidents but more importantly, we detected the need for a robust solution that didn’t depend on digital dertificates because of how cumbersome things can be once a certificate is revoked (For more information on digital certificates, read our blog post on them).
With our Codenotary Cloud and its multiple integrations you can prevent this and many other types of cyberattacks by only introducing or releasing software that you can not only trust but also cryptographically verify to prevent unauthorized or tampered versions from ever reaching those systems.

To learn more about how you can implement end-to-end zero-trust protection for your CI pipelines and deployments visit Codenotary and signup for the Cloud version.