The hacker group LockBit has reportedly threatened to release sensitive data and sell insider information from Accenture, the global management consulting company.
The attack was first reported by CNBC reporter Eamon Javers in a tweet on Wednesday morning after he noticed an anonymous post on the Dark Web that read “These people are beyond privacy and security.” In response, Accenture confirmed they had been hit with a ransomware attack but did not provide details about how it happened or what type of malware is used for ransom demands.”
“Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers. We fully restored our affected servers from back up. There was no impact on Accenture’s operations, or on our clients’ systems,” Accenture wrote.
The attacker used LockBit to attack a global consulting firm, which is No. 1 on CRN’s 2021 Solution Provider 500 list. This strain of ransomware prevents users from accessing infected systems until ransom payments are made and according to New Zealand-based cybersecurity company Emisisoft it has an estimated infection rate of over 25%(according to them).
“It has been highly active since it emerged in 2019 and has impacted thousands of organizations around the world. Many of LockBit’s attack functions are automated, making it one of the most efficient ransomware variants on the market,” Emisisoft wrote in a blog post.
VX Underground, which claims to have the Internet’s largest collection of malware source code and has a history for hacking into major business networks before attacks happen tweeted an ominous timer supposedly from the hacker showing how much time there is left until Accenture’s data starts being hacked. The clock on this countdown had already passed so it seems like something could be coming soon.
Accenture breach is yet another call to action for every company to review their security technology posture and procedures. “If a $45 billion company like Accenture is vulnerable then everyone is vulnerable,”
His advice to his customers is move quickly to beef up cybersecurity. “It’s easier for smaller companies to move quickly to protect themselves with the appropriate software and tools that are out there rather than a large company AccentureGoldstein , Accenture
Accenture’s AWS S3 storage buckets were left unsecured on servers that were configured for public access and publicly downloadable, so they started to acquire security companies. Accenture has been acquiring security companies since it found in 2017 that its Amazon Web Services (AWS) Simple Storage Service (S3) had unprotected storage buckets with data available without any authentication required.