Accenture hit with LockBit 2.0

Accenture has fell victim to a ransomware attack but said today the incident did not impact its operations and has already restored affected systems from backups.

News of the attack became public earlier this morning when the company’s name was listed on the dark web blog of the LockBit ransomware cartel.

The LockBit gang claimed it gained access to the company’s network and was preparing to leak files stolen from Accenture’s servers at 17:30:00 GMT.

Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers. We fully restored our affected systems from back up. There was no impact on Accenture’s operations, or on our clients’ systems.

Accenture spokesperson

But while Accenture said the incident was quickly contained, this didn’t stop the hackers from threatening to leak files they stole from the company’s internal network.

The countdown timer on the LockBit gang’s leak site also reached zero. Following this event, the LockBit gang leaked Accenture’s files, which, following a cursory review, appeared to include brochures for Accenture products, employee training courses, and various marketing materials. No sensitive information appeared to be included in the leaked files.

In the meantime, questions remain unanswered about the incident, with the biggest being how the LockBit gang managed to gain access to the network of one of the world’s largest multinationals.

Accenture passed the incident as a mere scratch, the aftermath of this attack is expected to create at least some bad publicity for the company as a cyber insurance provider.

Accenture wouldn’t be the first cyber insurance provider to suffer a ransomware attack, as something similar also happened to AXA Group earlier this year.