According to new reports, Accenture claims that it has contained a ransomware attack initiated by cybercriminals and minimised its impact on it and its system.
The LockBit ransomware gang announced the attack Tuesday night on its dark web leak site, setting a deadline of Thursday evening for payment.
The consulting major Accenture said in a statement that it had “identified irregular activity in one of our environments” and “immediately contained the matter and isolated the affected servers.”
It did not specify when the incident occurred — or acknowledge that it was ransomware. But the description of its response was consistent with ransomware. “We have fully restored our affected systems from back up. There was no impact on Accenture’s operations, or on our clients’ systems,” states Accenture.
According to cyber experts, the Accenture attack comes on the heels of another high-profile attack targeting clients via the solution providers that they depend on for IT services. In that attack, hackers breached the VSA RMM (remote monitoring and management) technology of Miami-based Kaseya, giving them access to clients of several MSPs who depend on the Kaseya technology to run parts of their business.
The Dublin-based company would not say how many servers were affected or whether data was stolen and, if so, how much and what kind.
The Atlanta-based cybersecurity intelligence firm Cyble shared with The Associated Press chat images that it said were from Lockbit’s official communications channel. In them, the criminals claim they stole more than 6 terabytes of “top secret” data from Accenture, for which they said they were demanding $50 million.
Accenture would not comment on what data, if any, was exfiltrated by the criminals. LockBit is a Russian-speaking ransomware syndicate that does not target former Soviet countries. It is one of the most efficient ransomware variants around, according to the cybersecurity firm Emsisoft. Active since September 2019, it has attacked thousands of organizations.
Commenting on the development, Arvian Research said the Accenture ransomware attack is yet another clarion call to action for every company to review their security technology posture and procedures. “There is a renewed synergy among nation-state and independent actos to get involved in cybercrime. Since a $45 billion company like Accenture is vulnerable then we have to take calculated steps to contain it,” said Arvian Research.