IT Giant Accenture Hit by LockBit Ransomware

Global IT consultancy giant Accenture has become the latest company to be hit by the LockBit ransomware gang, according to a post made by the operators on their dark web portal, likely filling a void left in the wake of DarkSide and REvil shutdown.

“These people are beyond privacy and security. I really hope that their services are better than what I saw as an insider,” read a message posted on the data leak website. Accenture claims it has since restored the affected systems from backups.

LockBit, like its now-defunct DarkSide and REvil counterparts, operates using a ransomware-as-a-service (RaaS) model, roping in other cybercriminals (aka affiliates) to carry out the intrusion using its platform, with the payments often divided between the criminal entity directing the attack and the core developers of the malware.

The ransomware group emerged on the threat landscape in September 2019, and in June 2021 launched LockBit 2.0 along with an advertising campaign to recruit new partners. “LockBit also claims to offer the fastest data exfiltration on the market through StealBit, a data theft tool that can allegedly download 100 GB of data from compromised systems in under 20 minutes,” Emsisoft noted in a profile of the crime syndicate.

Find out how GT Global Services can help with all of your security needs, penetration and vulnerability testing, incident response and disaster recovery.