Getty Images/iStockphoto

Accenture sheds more light on August data breach

The IT services giant disclosed in an SEC filing that threat actors stole and leaked proprietary data during a LockBit ransomware attack earlier this year.

Accenture confirmed that threat actors connected to the LockBit ransomware group stole and leaked proprietary corporate data and breached customers systems.

The disclosure was made Friday in the company's required annual 10-K report with the U.S. Securities and Exchange Commission; the filing was originally spotted by Bleeping Computer. The financial analysis includes a list of risk factors, such as competing businesses or global economic conditions, that could end up adversely affecting the company's stock price.

Buried among that list of risks was discussion about how a data breach could affect both Accenture's own business, as well as that of its customers.

During the fourth quarter of fiscal 2021, we identified irregular activity in one of our environments.

"During the fourth quarter of fiscal 2021, we identified irregular activity in one of our environments, which included the extraction of proprietary information by a third party, some of which was made available to the public by the third party. In addition, our clients have experienced, and may in the future experience, breaches of systems and cloud-based services enabled by or provided by us," Accenture noted.

"To date these incidents have not had a material impact on our or our clients' operations; however, there is no assurance that such impacts will not be material in the future, and such incidents have in the past and may in the future have the impacts discussed below."

That "irregular activity" was in fact the August breach of Accenture's internal network by hackers who were able to obtain some data. The hackers were operating the LockBit ransomware-as-a-service system. After failing to extract the requested ransom payment from Accenture, the hackers eventually dumped the pilfered data online.

While Accenture has admitted that the attackers were able to get into its networks and access some corporate data, the IT consultancy had said no customer systems were affected.

"We immediately contained the matter and isolated the affected servers. We fully restored our affected systems from backup," a spokesperson told SearchSecurity back in August. "There was no impact on Accenture's operations or on our clients' systems."

Accenture is not alone in falling victim to ransomware attacks and data breaches. Unlike the previous generation of ransomware crews that simply encrypted systems and demanded payment for decryption keys, groups such as LockBit take things a step further by also stealing data from businesses and releasing it online should the company not pay its ransom within the allotted time.

Dig Deeper on Security operations and management

Enterprise Desktop
Cloud Computing