Global IT consultancy giant Accenture was hit by a ransomware attack carried out by LockBit 2.0 ransomware operators according to an announcement made by the gang on their leak site.
The message posted on the data leak website reads as “These people are beyond privacy and security. I really hope that their services are better than what I saw as an insider.”
The group did not share any files as proof of the attack. According to the threat intelligence firm Cyble the ransomware gang has stolen databases containing over 6TB of data and are demanding a $50M ransom.
It is not clear how the threat actors breached the company and when the security breach took place
Accenture stated that through their security controls and protocols, they have identified irregular activity in one of their environments. They immediately contained the matter and isolated the affected servers.
They had fully restored the affected systems from back-up and there was no impact on Accenture’s operations, or on their clients’ systems.
LockBit, like its now-defunct DarkSide and REvil counterparts, operates using a ransomware-as-a-service (RaaS) model, together with other cybercriminals to conduct intrusion using its platform. The payments are usually divided between the criminal entity directing the attack and the core developers of the malware.
The ransomware group was started in September 2019, and in June 2021 LockBit 2.0 was launched along with an advertising campaign to recruit new partners.
Emsisoft stated that LockBit claims to offer the fastest data exfiltration on the market through StealBit, a data theft tool that can allegedly download 100 GB of data from compromised systems in under 20 minutes.
Some of LockBit’s past victims include the Press Trust of India and Merseyrail.
Image Credits : Marcopolonetwork