Accenture Hit by Lockbit Ransomware Attack

Accenture have become one of the latest victims of a massive ransomware attack, with stolen files briefly shared.

Global IT consulting firm Accenture have become the victims of a ransomware attack orchestrated by the Lockbit group, with encrypted data reportedly stolen from the company. Lockbit says it will leak the data if the ransom is not paid. Accenture are the latest victims of a surge in ransomware attacks, increasingly targeting billion-dollar corporations, with ransomware gangs hoping to increase their profits.

While Lockbit did not initially offer any proof that they had the data, it has been reported that, following the expiry of an initial countdown, Lockbit published two thousand documents, which were promptly deleted and replaced with a new countdown. It has been suggested that this initial leak was enough to convince Accenture that the threat is legitimate and serious. Accenture are downplaying the seriousness of the attack, assuring customers that the situation is being dealt with. In a statement to Reuters, Accenture said: “Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers. We fully restored our affected systems from backup. There was no impact on Accenture’s operations, or on our clients’ systems”.

Lockbit 2.0 – the latest version of the ransomware – was rolled out earlier this month, implementing new features. This new version of Lockbit encrypts a device, before setting the wallpaper to a ransom note while claiming responsibility for the attack; a more detailed .txt file is also provided. Astonishingly, the new wallpaper also contains an advert that is effectively recruiting for leakers within the affected business, offering millions of dollars in exchange for access to company systems. It isn’t unheard of for employees to breach the companies they work for. In 2020, a US-based Russian citizen was arrested after offering $1 million to a Tesla employee in exchange for access to the company’s systems.