Accenture reveals Hack right after LockBit Ransomware Data Leak Threats

Accenture reveals Hack right after LockBit Ransomware Data Leak Threats

Accenture, a global IT consultancy giant has supposedly been hit by a ransomware attack from the LockBit ransomware group. Accenture is an IT giant known to serve a wide range of industries including automobiles, banks, government, technology, energy, telecoms, and a lot more.

Priced at $44.3 billion, Accenture is one of the world’s largest tech consultancy firms employing around 569,000 employees across 50 countries.

How is Ransomware Gang threatening to leak hijacked Information?

A ransomware gang also known as LockBit 2.0 is threatening to publish files and data allegedly hijacked from Accenture during a recent Cyberattack. The threat actors said that will publish the information later today if a ransom is not paid, as seen by our experts:

Accenture-reveals-Hack-right-after-LockBit-Ransomware-Data-Leak-Threats-image1

On the other hand, LockBit has not shown proof of the hijacked information; they only claim to be willing to sell it to any interested parties. “These people are beyond privacy and security. I really hope that their services are better than what I saw as an insider. If you are interested in buying some databases reach us,” states LockBit on their data leak site.

The exact information as to when the hijack occurred, when it was analyzed, its scope or, the technical causes of exploitation are yet to be known. Accenture told our experts that affected systems had been recovered from a backup:

“Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers.” “We completely restored our affected systems from back-up. There was no harm on Accenture’s operation, or on our clients’ systems,” Accenture told our experts.

Around 6 TB of files were hijacked, and ask for a $50 million ransom!

In the conversation seen by our researchers, the LockBit ransomware groups claim to have hijacked six terabytes of information from Accenture and are demanding a $50 million ransom.

The threat actors claim to have gotten access to Accenture’s network through a corporate “insider.” Sources familiar with the attack have told our experts that Accenture had confirmed the ransomware attack to at least one CTI vendor, and the IT services provider is also in the process of alerting more customers.

Moreover, cybercrime intelligence firm Hudson Rock shared that Accenture had 2,500 negotiated systems belonging to employees and partners:

Accenture-reveals-Hack-right-after-LockBit-Ransomware-Data-Leak-Threats-image2

LockBit has previously hit the victims too hard, including UK’s various firms. Earlier this week, the Australian government had an alert of increasing LockBit 2.0 ransomware attacks, after the group was seen actively recruiting insiders at companies they plan on hijacking, in exchange for millions of dollars in rewards. Our experts had reached out to Accenture well in advance of publishing but received a quote after press time which has been added with proper attribution.

Leave a Reply