According to an announcement published by the gang on their leak site, global IT consultancy firm Accenture was hit by a ransomware attack carried out by LockBit 2.0 ransomware operators.
“These people are beyond privacy and security,” reads a warning on the data leak website. I really hope their services are better than what I saw as an insider.”
The gang did not provide any evidence of the incident.
The ransomware gang has stolen databases containing over 6TB of data, according to threat intelligence firm Cyble, and is demanding a $50 million ransom.
It is unknown how the threat actors gained access to the company or when the security breach occurred.
Accenture stated that irregular activity was discovered in one of their environments as a result of their security controls and protocols.
They quickly brought the situation under control and isolated the afflicted servers.
There was no impact on Accenture’s operations or their clients’ systems because they had fully restored the damaged systems from backup.
LockBit, like its now-defunct DarkSide and REvil predecessors, uses a ransomware-as-a-service (RaaS) model to perform intrusions with the help of other cybercriminals.
Payments are frequently split between the criminal entity that directed the attack and the malware’s primary developers.
In September 2019, the ransomware organisation formed, and in June 2021, LockBit 2.0 was released, accompanied with an advertising campaign to recruit additional partners.
According to Emsisoft, LockBit’s StealBit data theft program can supposedly download 100 GB of data from hacked systems in just 20 minutes, making it the quickest data exfiltration tool on the market.
The Press Trust of India and Merseyrail are two of LockBit’s previous victims.
You might also like: