While Accenture CEO Julie Sweet this week touted the investments Accenture has made in security, she made no mention of the LockBit ransomware attack that hit the IT services and consulting giant, first reported in August.
Ireland-based Accenture, had a strong fiscal fourth quarter 2021 and full fiscal year 2021 in terms of revenue and profit, fueled by US$4.2 billion in acquisitions and the rapid rise in cloud adoption caused by the COVID-19 pandemic, CEO Julie Sweet told financial analysts on the quarterly conference call.
No analysts on the call asked about the ransomware attack.
Accenture did not reply to a CRN US inquiry about why no mention was made of the ransomware attack.
However, an Accenture spokesperson at the time of the attack told CRN US via email that, “Through our security controls and protocols, we identified irregular activity in on of our environments. We immediately contained the matter and isolated the affected servers. We fully restored our affected servers from back up. There was no impact on Accenture’s operations, or on our clients’ systems.”
Accenture on September 1, in response to reports that the LockBit gang took advantage of credentials accessed during the Accenture cyberattack to go after the consulting giant’s customers, disputed that claim in a statement.
“We have completed a thorough forensic review of documents on the attacked Accenture systems. This claim is false. As we have stated, there was no impact on Accenture’s operations, or on our client’s systems. As soon as we detected the presence of this threat actor, we isolated the affected servers,” the company said in that statement.
Security is an important part of Accenture’s business, Sweet Thursday told financial analysts. Security for Accenture is now a US$4.4 billion business growing 29 percent annually, and is driven by the expanding digital threat landscape, she said.
The LockBit ransomware attack on Accenture was reported in early August. LockBit, according to New Zealand-based cybersecurity company Emisisoft, is a strain of ransomware that prevents users from accessing infected systems until a ransom payment is made.
“It has been highly active since it emerged in September 2019 and has impacted thousands of organizations around the world. Many of LockBit’s attack functions are automated, making it one of the most efficient ransomware variants on the market,” Emisisoft wrote at the time in a blog post.
LockBit encrypts files using AES encryption, and typically demands a ransom in the high five-figures to decrypt the data. LockBit’s processes are largely automated, and so work with minimal human oversight once a victim is compromised, Emisisoft wrote. It can be used as the basis for a ransomware-as-a-service business model which lets ransomware developers use it in return for a portion of the ransom payments received.
Accenture said at the time that it had contained the breach, and that there was no impact from the attack on the company. However, reports from numerous sources said the attackers had published over 2,000 files to the Dark Web, including PowerPoint presentations, case studies, quotes, and more.