Accenture states ransomware incident also involved data breach

Gang claiming responsibility says it stole six terabytes of data from the consultancy

Accenture states ransomware incident also involved data breach

Cyber

By Lyle Adriano

Months after it suffered a ransomware attack that it originally claimed had “no impact” on its business, Accenture has now revealed that the incident also led to a data breach.

In its financial report for the fourth quarter and full fiscal year, Accenture confirmed that a ransomware group behind the malware attack in August also made off with company data.

“In the past, we have experienced, and in the future, we may again experience, data security incidents resulting from unauthorised access to our and our service providers’ systems and unauthorised acquisition of our data and our clients’ data including: inadvertent disclosure, misconfiguration of systems, phishing ransomware or malware attacks,” the IT services company said in its financial report.

Accenture said in its financial report that it had first detected the “irregular activity” in its systems during the fourth quarter of fiscal 2021. The activity included “the extraction of proprietary information by a third party,” and some of the data was made available to the public by that third party, the company said.

The company also admitted that due to its data breach, some of its customers’ sensitive information was also compromised.

“In addition, our clients have experienced, and may in the future experience, breaches of systems and cloud-based services enabled by or provided by us.”

Although Accenture did not specifically name the ransomware group responsible for the cyberattack, it is believed that it was carried out by the LockBit group. In August, the group posted Accenture’s name on its website and threatened to leak data it claims it stole from the company. LockBit demanded a ransom payment of US$50 million in exchange for the 6 TB of stolen data.

When the cyberattack first occurred, Accenture denied claims by the LockBit gang that the latter had stole the credentials of its customers. These credentials would enable the threat actors to compromise the networks of Accenture’s clients. When it first broke the news in August, Accenture also maintained that the attack had “no impact” on its operations, and that LockBit’s claims were false.

BleepingComputer reported that while Accenture has confirmed that hackers stole data from its systems and leaked it, the company has yet to publicly acknowledge the data breach outside of SEC filings or filed data breach notification letters with the authorities.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!