Accenture Attacked by Ransomware, Restores Affected Systems

Global consulting firm Accenture confirmed on Wednesday that the alleged ransomware attack by LockBit 2.0 is real but that it has been “fully resolved.”

The ransomware group did not release any sensitive files when their countdown timer first ran out on Wednesday. They have since reset the timer for August 12, 8:43 PM UTC.

The LockBit group first announced the attack on the dark web and threatened to leak and sell the data if Accenture failed to pay the ransom of $50 million.

According to the cybersecurity firm Cyble, the criminals claimed they stole six terabytes worth of “top secret” information, procured from LockBit’s official communications channel.

Ransomware Attack and Response

On Wednesday, a CNBC reporter tweeted about the ransomware attack against Accenture.

Accenture has since released a statement, saying, “Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers.”

“We fully restored our affected systems from backup, and there was no impact on Accenture’s operations, or on our clients’ systems,” it added.

Accenture is a global consulting firm that provides management and consulting services to its clients. According to its last annual report, its list of clients includes Alibaba, Google, and Cisco.

Rise in LockBit Gang Activity and Ransomware

The LockBit gang first gained notoriety in September 2019. The gang leases their ransomware to third parties, and in return, receives a cut in the ransom.

In 2020, INTERPOL warned of a rise in LockBit ransomware attacks. Some of the major victims of the group include Merseyrail, a UK-based rail network, and the Press Trust of India, an Indian news organization.

According to the U.S. Government, ransomware is now a critical threat to national and economic security.

This year has seen a sharp rise in high-profile ransomware attacks. In July, Russian-linked gang REvil demanded $70 million to return the information it stole in a cyber attack.

It was also reported that fraudsters are setting up phony call centers to trick users into installing malware. The campaign, known as “BazaCall,” allows hackers to inject ransomware into a system.

This recent wave has shaken up the cyber-insurance industry. Consequently, many insurers are seeing a spike in demand for coverage, and insurers are seeing a rise in insurance premiums.

To learn more about ransomware, and what you can do to prevent it, check out our article on the subject.

Technology policy researcher
Prateek is a technology policy researcher with a background in law. His areas of interest include data protection, privacy, digital currencies, and digital literacy. Outside of his research interests, Prateek is an avid reader and is engaged in projects on sustainable farming practices in India.