IT giant Cognizant suffers from 'Maze' ransomware attack: Details here
Cognizant, one of the largest tech and consulting companies in the world, has been hit by a major ransomware attack. The attack is said to have been carried out by the "Maze" ransomware group, which first surfaced in 2019, and has also affected the New Jersey-headquartered IT giant's dealings with its clients. Here's all you need to know about it.
Though the details of the attack are scarce, a statement issued by Cognizant on its website clearly puts the blame on the Maze ransomware. "Cognizant can confirm that a security incident involving our internal systems, and causing service disruptions for some of our clients, is the result of a Maze ransomware attack," the message from the company reads.
Cognizant said that its "internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident," and address the impact of the ransomware. However, it did not share anything about how the attack was carried in the first place or what kind of information was encrypted or held hostage for money.
Founded in 1994 as an in-house technology unit of Dun & Bradstreet, Cognizant has grown to become a leading provider of IT and consulting services. The conglomerate posted over $16 billion in revenue last year and has got clients across over 80 countries, including social media giant Facebook. It employs nearly 300,000 around the world but most of the company's workforce is in India.
The company says it is working with "appropriate law enforcement authorities" to help investigate the attack. Beyond that, it also claims to be engaging with clients, who may have been affected, by providing them with "indicators of compromise" as well as other technical information of a "defensive nature" that they may need to protect their business.
In a statement to Bleeping Computer, however, the hackers linked to the Maze group denied involvement in the attack on Cognizant. The group is notorious for not just encrypting files but also stealing them; the stolen data is held for ransom and is shared online if the money is not paid. In this case, however, the Maze-associated site has not yet published/advertised Cognizant's data.