Hackers used Maze ransomware to steal sensitive data from Cognizant
Cognizant is an American multinational corporation that provides IT services, including digital, technology, consulting, and operations services. It is headquartered in Teaneck, New Jersey, United States. Cognizant is part of the NASDAQ-100 and trades under CTSH. It was founded as an in-house technology unit of Dun & Bradstreet in 1994 and started serving external clients in 1996.
Cognizant confirmed that the company suffered a ransomware attack last April which cause service disruptions to its clients. The company has more than 300,000 employees and it provides IT services, including digital, technology, consulting, and operations services.
As soon as the attack was discovered the company informed its employees about the data loss and sent them a letter that stated the company suffered Maze ransomware that was active from 9th April to 11th April.
We recently discovered that Cognizant was the victim of a ransomware attack carried out by
international cyber criminals through which personal information relating to you was impacted. On April 20, 2020, Cognizant learned that the attackers staged and likely exfiltrated a limited amount of data from Cognizant’s systems. Based on our investigation, we understand that this activity occurred between April 9 and 11.
The data that was been breached by the hackers included sensitive data like Social Security number and/or other tax identification number, financial account information, driver’s license information, and/or passport information.
Cognizant is taking this security incident very seriously. We have been cooperating with the
Federal Bureau of Investigation in connection with their investigation of the cyber criminals responsible for the attack. In addition to quickly containing the incident, we are also taking various steps to further improve Cognizant’s overall security posture.
The company also mentioned that they continue to monitor the account for any fraudulent activity and we have been informed that they have not seen an increase in fraud for our accounts.
As we saw yesterday, Food Delivery app Foodora data breached affecting 7,27,000 customers across 14 countries was also been the target of the Maze operators. It’s been a year since the Maze ransomware gang began its rise to notoriety. Previously identified as “ChaCha ransomware” (a name taken from stream cipher used by the malware to encrypt files), the Maze “brand” was first affixed to the ransomware in May 2019.
To stay tuned on tech and cybersecurity news subscribe to our newsletter from here