top of page

Accenture under ransomware attack

Accenture on this Wednesday morning confirmed that it was hit by a ransomware attack, with a hacker group using the LockBit ransomware reportedly threatening to release the company’s data and sell insider information.

“Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers. We fully restored our affected servers from back up. There was no impact on Accenture’s operations, or on our clients’ systems,” Accenture wrote.

Accenture is the most recent LockBit 2.0 ransomware victim.

While Accenture has confirmed the attack and maintained their position on no operational impact, they have neither confirmed nor denied the data leak.

Cyber researchers have gathered additional information on the case, which might further help you understand the threat and its potential impact.

  • TLP RED: Sample Stolen Files (unconfirmed) -

LockBit threat group has been active since late 2019. In the last 35 days, they have attacked over 89 organisations. Australia is ranked 3rd in their overall victims' list.

Over 50% of their victims are from the manufacturing, business services, and the financial services sector.

A known threat actor has shared Kaseya universal REvil decryption key on a cybercrime forum. The key is 'OgTD7co7NcYCoNj8NoYdPoR8nVFJBO5vs/kVkhelp2s=' : applicable to all victims of the Kasaya supply chain attack.

14 views0 comments

Recent Posts

See All


Post: Blog2_Post
bottom of page