Multinational IT service provider Accenture has been struck with ransomware according, to recent reports. The LockBit ransomware group has claimed responsibility for the ransomware attack that saw them compromise around 6 TB of data. After gaining access to the data, the group demanded a $50 million payment for Accenture to recover the data and claim they will publish the information if payment is not received. Accenture has not paid anything as of now and have claimed they restored the lost data from backups. A quote from Accenture read, “We fully restored our affected systems from back-up. There was no impact on Accenture’s operations, or on our clients’ systems. Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers.” LockBit attacks continue to increase in recent weeks and will likely announce new attacks soon.
Accenture has notified a small number of customers and continues to contact all that were affected. Those who may have had their information compromised should be cautious of other attacks that may follow based on the type of information that was included. To better protect themselves, Accenture should consider combining an anti-virus solution with endpoint monitoring. At Binary Defense our dedicated analysts in the Security Operations Center (SOC) will monitor endpoints on a 24/7 basis for any signs of intrusion and work with or clients to mitigate the attack before it becomes a larger issue.