CYBER SITREP – Accenture v Lockbit 2.0

-SITUATION REPORT-

Target Company

Accenture – Fortune Global 500 company specializing in consulting services with reported revenues of $44 billion in 2020 and over 500,000 employees.

Cyber Attacker

Lockbit 2.0, hacker group that allegedly utilizes Lockbit Ransomware (an attack that leverages AES encryption to prevent access to data and resources until ransoms are paid by target companies).

Attack Vector

While Accenture has not publicly commented how the attack occurred, Cyble, a company that specializes in Darkweb and Cybercrime Monitoring, tweeted, “The threat actors have alleged to gain databases of over 6TB and demanding $50M as a ransom. They also alleged that it’s an insider job, by someone who is still employed there (unlikely though).”

Ransom Amount

$50million USD

Compromised Data

Hackers allege to have 6TBs of Data (unconfirmed by Accenture).

Data Released

2,384 files (allegedly seized from the Accenture attack) released by Lockbit2.0 via the dark web on 8/11. Data found there was compromised of PowerPoint presentations, case studies, quotes, internal memos, etc. (reported by VX-Underground).

Current Status

Accenture official comment: “Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers,” reported by Eamon Javers, Senior Washington Correspondent for CNBC. Accenture has not commented on the type of attack, how the attack occurred, or any ransom demands at this time.

How We Can Help

As the number of Cyber Attacks rise dramatically and begin shifting focus to medium and small size businesses, a strong control environment is more important than ever. Understanding Cyber risks are critical to safely operating in a digital landscape and protecting your data and customers from malicious attackers.

Clearview Group utilizes a multi-faceted approach to help clients by assessing technology and cybersecurity readiness that is vital to the security of your business. We specialize in providing world class risk assurance from cyber assessments focused on best practice frameworks to annual IT SOX testing. Our team is ready to help you protect your business from cyber criminals and give confidence to your Board of Directors and Audit Committee members, so you focus on what matters most, safely delivering goods and services to your customers.

For more information, contact: content@cviewllc.com.

 

More in Risk & IT Risk Advisory