cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Accenture attacked with LockBit ransomware

Global cyber consulting company Accenture has been breached by a cyber threat using a strain of ransomware known as LockBit.

user icon Nastasha Tupas
Mon, 16 Aug 2021
Accenture attacked with LockBit ransomware
expand image

Using LockBit 2.0, the attacker claims to have stolen over 6TB of Accenture’s data and is demanding $50 million in exchange.

LockBit operators claimed to have gained access to Accenture’s network and were preparing to leak files stolen from Accenture’s servers at 17:30:00 GMT, and announced the hack on the leak site.

“These people are beyond privacy and security,” according to the LockBit operator's statement.


"If you’re interested in buying some databases reach us.

"I really hope that their services are better than what I saw as an insider.

In rebuttal, Accenture released a statement on Wednesday, confirming it has isolated the affected servers, containing the matter through their security controls and protocols after irregular activity was identified.

"We fully restored our affected systems from backup, and there was no impact on Accenture's operations, or on our clients' systems," it said.

On Thursday, Accenture said it did not have any updates to its initial statement.

Observers are arguing that the company is severely downplaying the breach due to the level of controls, the clientele involved, and the possible data at risk.

Accenture has not answered questions regarding what had specifically been affected, if data had been accessed or how much the ransomware demand was/is and the company has yet to confirm the reported ransom of $50 million.

LockBit attacks are known for their ability to encrypt Windows domains by using Active Directory group policies.

Once a domain is infected, new group policies are generated by the malware and sent to devices linked to the network.

Here, the policies disable the antivirus security, and implement the malware.

LockBit ransomware was first observed in September 2019, since then the malware has become significantly advanced, and once ransomware ads were barred on hacking forums, a new leak site was organised to showcase their latest variant, LockBit 2.0.

[Related: Labor accuses government of shelving ransomware debate]

Nastasha Tupas

Nastasha Tupas

Nastasha is a Journalist at Momentum Media, she reports extensively across veterans affairs, cyber security and geopolitics in the Indo-Pacific. She is a co-author of a book titled The Stories Women Journalists Tell, published by Penguin Random House. Previously, she was a Content Producer at Verizon Media, a Digital Producer for Yahoo! and Channel 7, a Digital Journalist at Sky News Australia, as well as a Website Manager and Digital Producer at SBS Australia. Nastasha started her career in media as a Video Producer and Digital News Presenter at News Corp Australia.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.