Accenture confirms information breach after August ransomware assault


International IT consultancy big Accenture confirmed that LockBit ransomware operators stole information from its programs throughout an assault that hit the corporate’s programs in August 2021.
This was revealed within the firm’s monetary report for the fourth quarter and full fiscal yr, which ended on August 31, 2021.
“Previously, we’ve got skilled, and sooner or later, we might once more expertise, information safety incidents ensuing from unauthorized entry to our and our service suppliers’ programs and unauthorized acquisition of our information and our shoppers’ information together with: inadvertent disclosure, misconfiguration of programs, phishing ransomware or malware assaults,” Accenture stated.
“In the course of the fourth quarter of fiscal 2021, we recognized irregular exercise in one in all our environments, which included the extraction of proprietary data by a 3rd get together, a few of which was made obtainable to the general public by the third get together.
“As well as, our shoppers have skilled, and will sooner or later expertise, breaches of programs and cloud-based providers enabled by or supplied by us.”
The LockBit ransomware gang claimed to have stolen six terabytes of knowledge from Accenture’s community and demanded a $50 million ransom.
Sources accustomed to the assault additionally advised BleepingComputer that Accenture confirmed the ransomware assault to at the very least one cyber risk intelligence vendor.
Regardless that Accenture has now confirmed that the attackers stole data from its programs and leaked it on-line, the corporate has not but publicly acknowledged the information breach exterior SEC filings or filed information breach notification letters with related authorities.
This possible signifies that the stolen information did not comprise any personally identifiable data (PII) or protected well being data (PHI) information which might’ve triggered regulatory notification necessities.

LockBit information leak web site (BleepingComputer)
Accenture denies claims of stolen buyer credentials
The ransomware assault was broadly coated on the time, with the IT big telling BleepingComputer that each one affected programs had been absolutely restored from backups, with no influence on Accenture’s operations or its shoppers’ programs.
In September, the corporate denied claims made by the LockBit gang that in addition they stole credentials belonging to Accenture prospects that may allow them to compromise their networks.
Though the risk actors declined to call any victims in conversations with BleepingComputer, they stated they’d breached and encrypted the programs of an airport utilizing Accenture software program.
Their claims align with at the very least two assaults that led to encrypted programs on the networks of Bangkok Airways and Ethiopian, two airline firms.
Each incidents befell after LockBit compromised the programs of Accenture, allegedly with the assistance of an insider.
“We’ve got accomplished an intensive forensic assessment of paperwork on the attacked Accenture programs. This [LockBit’s] declare is fake,” Accenture advised BleepingComputer, denying that buyer credentials had been stolen within the August ransomware assault.
“As we’ve got said, there was no influence on Accenture’s operations, or on our shopper’s programs. As quickly as we detected the presence of this risk actor, we remoted the affected servers.”
Accenture is a Fortune 500 firm and one of many world’s largest IT providers and consulting companies with greater than 624,000 workers throughout 120 nations, offering providers to a wide selection of business sectors, together with banks, authorities, know-how, vitality, telecoms, and extra.
An Accenture spokesperson replied with the corporate’s authentic assertion when contacted by BleepingComputer earlier as we speak for extra particulars on the stolen and leaked proprietary data, including that shoppers had been “absolutely knowledgeable on related particulars concerning the incident.”