Accenture acknowledges data breach stemming from ransomware attack

Through its latest financial report, IT consultancy Accenture confirmed that its systems were infected by operators of the LockBit ransomware variant, resulting in the compromise of the company’s sensitive information during the month of August 2021.

In addition to confirming this incident, Accenture recognizes that a company like this has always been, is and will be the target of many of the world’s most dangerous hacking groups, so its services, systems and data will be constantly exposed to all kinds of malicious activities, including unauthorized disclosure of information, malware infections and other attack variants.

About this incident, the company mentions that the attack was detected during the fourth quarter of the fiscal year in turn, involving the leak of proprietary data by a third party. Accenture added that many of its clients could experience potential security incidents stemming from the attack on their systems.

Although the company did not elaborate, ransomware specialists report that LockBit hackers claim to have stolen 6 TB of sensitive information from Accenture, demanding that the company pay a $50 million ransom. Accenture also reportedly requested the support of external cybersecurity advisors.

Experts also believe that the company had not publicly disclosed the attack because the compromised information is not considered critical to its operations and those of its enterprise customers.

This only confirms the multiple reports that were published at the time about a possible ransomware attack against Accenture and that paralyzed various operations. Although the company never confirmed such an incident, LockBit ransomware hackers revealed the attack on their own dark web-hosted platforms.

Recently, a spokesperson for the company issued a new statement, mentioning that its customers were fully aware of the incident and all necessary measures had already been taken to prevent subsequent leaks stemming from this incident.   

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.