Accenture, an Irish-based global IT consultancy company, confirmed that it has suffered a ransomware cyber attack from the notorious LockBit 2.0 ransomware gang.
LockBit 2.0 group claims that they have stolen over 6 TB of files, for which they are asking a ransom payment of over 40 million euros. According to a statement posted by the ransomware group, the stolen data will be published if the demanded sum will not be paid before the set deadline.
“These people are beyond privacy and security. I really hope that their services are better than what I saw as an insider. If you’re interested in buying some databases reach us,” LockBit states on their darknet website.
After the timer on their website reached zero, the ransomware gang published a folder, named W1, that contains a set of PDF files, most likely as a proof of their cyber attack.
Accenture is not intending to pay
Accenture released that they have discovered irregular activities in one of their environments, but that the exposed servers were shut down immediately. The company claims that they fully restored the affected servers from backups and that clients will not be impacted by the cyber attack. Several sources from client companies also said that their data was not affected and that they received guarantees from Accenture that the situation is under control.
The IT consulting company did not share any details of the attack, when exactly the breach happened or other technical details.
Accenture is an IT company that provides services in more than 50 countries around the world to a wide range of industries including financial, automotive and energy industries, government institutions and others.
LockBit expected to increase activities
The LockBit 2.0 cyber criminal group operates using the ransomware-as-a-service model and is considered to be very active. So far it has hit many victims, but recently Australian government has warned that the scope of their attack will increase in the coming days. One proof of these claims is a recent post on a darknet where the gang published that it is looking for insiders within companies to gain easy access and breach corporate servers, while in return they offer “millions of dollars in payouts”.
NDRdaily will continue to follow this incident closely.