Accenture Confirms Knowledge Breach After August Ransomware Attack


The monetary trade is booming, with progressive companies discovering new methods to disrupt how we manage cash. From peer-to-peer lending to cell wallet solutions, fintech is the future of financial services. Advocate Aurora Health is a Midwest-based non-profit healthcare provider that serves over 3 million folks. It has twin headquarters in Downers Grove, Illinois, and Milwaukee, Wisconsin, and only services the 2 states. Everything from worldwide automotive companies to file storing databases like Dropbox are affected.

Accenture Security is a leading supplier of end-to-end cybersecurity companies, including advanced cyber defense, applied cybersecurity solutions and managed security operations. We bring safety innovation, coupled with world scale and a worldwide supply functionality through our network of Advanced Technology and Intelligent Operations centers. Helped by our staff of highly expert professionals, we allow shoppers to innovate safely, construct cyber resilience and grow with confidence. As of this writing, the responsible ransomware group might nonetheless leak personal knowledge if ransom demands aren’t met. While the complete situation can’t simply be assessed by outdoors observers at this time, every enterprise ought to recognize the necessity to augment cyber security protocols to stop, detect and mitigate ransomware threats.

Accenture had earlier famous that the group primarily targets firms with annual revenues of between $1 billion to $9 billion. But while Accenture passed the incident as a mere scratch, the aftermath of this attack is predicted to create at least some dangerous publicity for the corporate as a cyber-insurance provider. Just earlier than this text was revealed, the countdown timer on the LockBit gang’s leak website additionally reached zero. Following this event, the LockBit gang leaked Accenture’s information, which, following a cursory evaluate, appeared to incorporate brochures for Accenture merchandise, employee training courses, and varied advertising materials. In an emailed statement, Accenture not only confirmed the attack but also greatly played down its influence. News of the attack became public earlier this morning when the company’s name was listed on the dark net weblog of the LockBit ransomware cartel.

The Dublin-based company would not say how many servers have been affected or whether or not information was stolen and, if that’s the case, how a lot and what sort. Limit or avoid the publicity of internal company technical procedures and infrastructure in presentations from third-party technology partners. Train workers to restrict the amount of work info they share on social media platforms and how to identify social engineering ploys.

However, the ransomware gang claims it compromised Accenture through an insider, but many specialists dispute the claim given the size of the assault. Accenture has not disclosed how the LockBit ransomware gang infiltrated its methods or the scope of the ransomware attack. Accenture suffered a LockBit ransomware assault that reportedly encrypted no less than 2,500 computers and leaked shopper data.

Although it’s unsure if that is true or if this was used as a diversion, Accenture was swift to refute the claims and has underplayed the impression created by the ransomware on their techniques thereafter. We urge organizations to patch any instances of the vulnerability on their F5 products to avoid the chance of a ransomware assault. LockBit hit back by posting 2300 files that contained company communication data and has hinted that more will comply with. This uniquely nasty ransomware is known as “Agenda” for the moment. Though we won’t know the total extent of the new ransomware’s impression till the menace is contained, we have some preliminary information stemming from descriptions provided by Agenda victims. To say it is concerning that greater than 2,000 information breaches occurred in the first half of 2022 alone can be a dramatic understatement.

VX Underground, which claims to have the Internet’s largest assortment of malware supply code, on Wednesday tweeted a timer supposedly from the hacker group exhibiting the amount of time before the assault on Accenture’s knowledge would begin. Threat intelligence firm Hudson Rock meanwhile stated 2,500 computer systems of employees and partners were compromised prior to the assault. Given that Accenture did not pay the requested amount in due time, the attackers printed over 2,000 files allegedly stolen through the incident, threatening to publish more of them. Companies with annual revenue between $1 billion and $9.9 billion accounted for more than half (54%) of ransomware and extortion victims, followed by firms with annual revenue between $10 billion and $20 billion (20%).

Dedicated leak web site knowledge additional reduces the chance of a goal discovering a social engineering ploy by allowing actors to higher adhere to internal organizational pathways. For instance, it facilitates following typical, anticipated communication channels and command chains. Business email compromise is turning into a extra subtle cyber threat because of the provision of sensitive corporate information on the darkish web. This is problematic, as BEC and its derivates, such as vendor email compromise and bill fraud, are the largest tusimple 1.3b 8b categories of malicious exercise in phrases of financial losses. In 2021, victims misplaced an estimated $2.4 billion to BEC scams, totaling greater than a third of all cybercrime losses ($6.9 billion) and inflicting extra losses than ransomware attacks, based on FBI estimates. The widespread use of ransomware with the utilization of data disclosures has made sensitive company information highly obtainable on the criminal underground, with such data obtainable free of charge or a fee to any threat actor.



Comments are closed.