Global consulting giant Accenture was the victim of a ransomware attack by a gang known as Lockbit 2.0 on Wednesday.
As first reported on Twitter by CNBC’s Eamon Javers, the attackers claim to have had the assistance of an insider and offered to sell stolen data if the ransom wasn’t paid. Australian security firm Cyble later tweeted that 6 TB of data has been stolen, and the ransom demanded was US$50 million.
Last night, the attackers released almost 2,400 files after the payment deadline passed, but Javers tweeted that they appeared to be case studies, quotes, and PowerPoints, and a security researcher later tweeted that no client data had been observed. After the data was made public, the ransom timer was reset; that countdown will end late this afternoon.
CNN Business quoted an Accenture spokesperson who admitted there had been an attack but did not confirm that it was ransomware. The statement said,
“Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers. We fully restored our affected systems from back up. There was no impact on Accenture’s operations, or on our clients’ systems.”
IT World Canada has reached out to Accenture for comment and will update this story as more information becomes available. Stay tuned.