Accenture recently confirmed in its financial report for the fourth quarter and full fiscal year that the LockBit ransomware gang stole data from its system during an attack that hit the company’s systems in August 2021.
The company said: “During the fourth quarter of fiscal 2021, we identified irregular activity in one of our environments, which included the extraction of proprietary information by a third party, some of which was made available to the public by the third party. In addition, our clients have experienced, and may in the future experience, breaches of systems and cloud-based services enabled by or provided by us.”
Although Accenture disclosed that attackers stole information from its system and leaked it online, the company refused to publicly admit the data breach outside of the SEC filings, suggesting that the stolen data likely did not contain personally identifiable information (PII) or protected health information (PHI) data that could have led to regulatory reporting requirements.