Cognizant has revealed that it was hit by the infamous Maze ransomware, suffering a severe attack that caused service disruptions to some of its clients.
Unlike other ransomware that just kicks the user out of the system after encrypting data, Maze spreads through the network while locking out the users and also exports the data to hackers’ servers, with this data later used to extract funds in case the victim decides against paying a ransom.
For the moment though, no Cognizant data has been advertised for sale or published online. The company has said that it is in ongoing communication with clients and has provided them with indicators of compromise (IOCs) and other technical information of a defensive nature.
- Maze ransomware hits insurance giant Chubb
- Energy giant EDP hit with RagnarLocker ransomware
- Ransomware: the cyber threat that keeps on giving
While Maze operators have denied any association with this attack, independent security experts have suggested that it has indeed been carried out by the Maze group.
“Cognizant can confirm that a security incident involving our internal systems, and causing service disruptions for some of our clients, is the result of a Maze ransomware attack," the company's official statement read.
“Our internal security teams, supplemented by leading cyber defence firms, are actively taking steps to contain this incident,” it added.
Cognizant, which employs close to 300,000 employees mostly based in India, offers IT consulting to various Fortune 500 companies. The company said that its internal security teams along with the leading cyber defense firms are actively taking steps to contain this incident, and it has also informed the relevant law enforcement authorities.
Via: Bleeping Computer