Thursday, April 10, 2025
HomeCyber Security NewsAccenture Hacked - Lockbit 2.0 Ransomware Compromised Thousands of Computers & Demand...

Accenture Hacked – Lockbit 2.0 Ransomware Compromised Thousands of Computers & Demand $50M

Published on

SIEM as a Service

Follow Us on Google News

Exclusive!! One of the Worlds biggest IT Consulting firm Accenture reportedly hacked by the notorious Lockbit 2.0 Ransomware.

Accenture operating with more than 500k employees around the globe with a valuation of $44.3 billion and is the largest firm handling a wide range of development in various sectors such as banks, government, technology, energy, telecoms, and more.

LockBit is a cybercriminal gang roaming in the dark web that operates using a ransomware-as-a-service (RaaS) model—similar t REvil. The team behind the LockBit offers its ransomware platform for other entities or individuals to use based on an affiliate model and share the revenue collected from the victims.

- Advertisement - Google News

Threat actors from the Lockbit Ransomware gang gain Accenture databases of over 6TB and demanding $50M in ransom.

Cybercrime intelligence firm Hudson Rock also reported that Accenture has 2,500 compromised computers of employees and partners, this information was certainly used by threat actors.

https://twitter.com/HRock/status/1425447533598453760

Researchers from Cyble mentioned in their report that the attacker gained internal system access through an “Insider”, a person who is already a part of the organization and working against the same organization for financial gain.

Actors threaten that the database will be leaked for the failed payment, also they have set a count down for the leak.

These data are allegedly stolen from Accenture at a recent cyber attack, and the actors are scheduled to leak the stolen data later today.

Insider Threat Helps

Threat actors alleged that the attack was initiated with the help of an insider threat who is still working in Accenture.

Also, the actors have mentioned on their site on the DarkWeb that “These people are beyond the security and privacy. I really hope that the services are better than what I saw as an insider. If you’re interested in buying some databases us, “All THE AVAILABLE DATA WILL BE PUBLISHED””

https://twitter.com/AuCyble/status/1425391442248097792

Threat actors are not released any of the sample data from the stolen database so far, but they claimes that they will sell the data if anyone is interested.

Risks of an insider threat, especially as technology becomes smarter and It can not only keep track of every employee who has access to the database, but it can also monitor each one automatically so that you can be alerted of potential dangers in real-time.

Also Read: 5 Steps How To Protect Your Company Infrastructure From Insider Threats

Accenture Response

Accenture confirmed this attack and responded that they are not ready to pay the ransom and affected systems had been recovered from a backup.

“Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers.”

“We fully restored our affected systems from back-up. There was no impact on Accenture’s operations, or on our clients’ systems,” Accenture said.

Accenture said that the ransomware attack and already reached its vendor and also preparing to notify more customers.

It’s not yet disclosed that when the attack took place when it was detected and alerted, the technical issue for this exploitation.

GBHackers are continuously following up on this incident, and reached out to Accenture. we will update you further in detail once we obtained the further technical details.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

APT32 Turns GitHub into a Weapon Against Security Teams and Enterprise Networks

Southeast Asian Advanced Persistent Threat (APT) group OceanLotus, also known as APT32, has been...

AkiraBot Floods 80,000 Sites After Outsmarting CAPTCHAs and Slipping Past Network Defenses

AkiraBot, identified by SentinelLABS, represents a sophisticated spam bot framework that targets website chats...

Microsoft Identity Web Flaw Exposes Sensitive Client Secrets and Certificates

A new vulnerability has been discovered in the Microsoft.Identity.Web NuGet package under specific conditions,...

CatB Ransomware Abuses Microsoft Distributed Transaction Coordinator for Stealthy Payload Execution

The cybersecurity realm has encountered a formidable adversary with the emergence of CatB ransomware,...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

APT32 Turns GitHub into a Weapon Against Security Teams and Enterprise Networks

Southeast Asian Advanced Persistent Threat (APT) group OceanLotus, also known as APT32, has been...

AkiraBot Floods 80,000 Sites After Outsmarting CAPTCHAs and Slipping Past Network Defenses

AkiraBot, identified by SentinelLABS, represents a sophisticated spam bot framework that targets website chats...

Microsoft Identity Web Flaw Exposes Sensitive Client Secrets and Certificates

A new vulnerability has been discovered in the Microsoft.Identity.Web NuGet package under specific conditions,...