Cognizant Confirms Maze Ransomware Attack, Says Customers Face Disruption (techcrunch.com) 9
Cognizant, one of the largest tech and consulting companies in the Fortune 500, has confirmed it was hit by a ransomware attack. From a report: Details remain slim besides a brief statement on its site, confirming the incident. "Cognizant can confirm that a security incident involving our internal systems, and causing service disruptions for some of our clients, is the result of a Maze ransomware attack," the statement read. "Our internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident." The New Jersey-headquartered IT giant said it was engaging with the law enforcement.
The company, which offers a range of services including IT consultation to clients in more than 80 countries, posted $16.8 billion in revenue last year. The decades-old firm also maintains a business agreement with Facebook to help the social giant moderate content on its platform. Cognizant employs about 290,000 people, most of whom live in India. Maze is not like typical data-encrypting ransomware. Maze not only spreads across a network, infecting and encrypting every computer in its path, it also exfiltrates the data to the attackers' servers where it is held for ransom.
The company, which offers a range of services including IT consultation to clients in more than 80 countries, posted $16.8 billion in revenue last year. The decades-old firm also maintains a business agreement with Facebook to help the social giant moderate content on its platform. Cognizant employs about 290,000 people, most of whom live in India. Maze is not like typical data-encrypting ransomware. Maze not only spreads across a network, infecting and encrypting every computer in its path, it also exfiltrates the data to the attackers' servers where it is held for ransom.
Maze aka corn must be Indians (Score:2)
Maze aka corn must be Indians
Re: (Score:1)
Re: (Score:2)
If "one of the largest tech and consulting companies in the Fortune 500"
these companies don't contract services on the basis that they're good or excellent (how would they tell, anyway) but that they're solvent and well-known so they can sue and blame them if anything goes wrong.
that said, security is a process and a chain is as weak as its weakest link. shit happens everywhere.
Re: (Score:3)
If "one of the largest tech and consulting companies in the Fortune 500" can't keep itself safe from hackers, then how do you expect electronic payment companies to keep hackers out of your bank accounts? You people use your debit cards without a thought yet every time you do you expose yourself to massive risk of some hacker stealing that information and draining your bank accounts or charging your credit cards up to the limit. Yet you all cry about "MUH CONVENIENCE!" like that should matter.
Stop using plastic. Carry cash, pay with cash for everything you possibly can. No 'contactless' payments either. Send checks in the mail every time you can. If you absolutely must pay for something online with plastic, for fuck's sake use a credit card not a debit card, or better yet get a prepaid card so when (not IF) it gets hacked they only get a limited amount and don't wreck your life.
Nothing is safe. You can say I'm spreading FUD but that's bullshit, I'm spreading TRUTH and it's about time you people woke the fuck up and listened to it.
Can still get hacked with cash. I believe the term for that is "mugging".
Cognizant is the dollar store of talent (Score:4, Funny)
If "one of the largest tech and consulting companies in the Fortune 500" can't keep itself safe from hackers, then how do you expect electronic payment companies to keep hackers out of your bank accounts?
I've worked with Cognizant and 2 different jobs, not by choice. It's a low-end offshoring operation. It is where projects go to die. No one chooses them for their talent. They get chosen by sales people aggressively charming executives until they sign away the IT budget. They are one of the stalwarts of the offshore outsourcing fad from over a decade ago...and nearly everyone has learned, offshore outsourcing doesn't work. It NEVER saves money.
Offshoring firms hire a bunch of people with the skills of an intern then lie about their credentials...oh yeah, he's got 10 years of experience with YOUR technologies and 2 PhDs from "the MIT of India"...then you get on a video call and the kid is like 22....and completely incompetent in every way...then he leaves because even a low-end loser like him realizes Cognizant is a piece of shit operation.
There's no cheap talent in India. They have the same shortage everyone has. If the engineers is any good, they will get hired directly in the Indian offices for major tech companies where they will get paid a lot more and treated with respect. There's a lot of talent in India...and they're quickly snatched up by every one BUT the offshoring firms, like Cognizant. All you get there are the failures that couldn't get hired by a real company.
Outsourcing firms can only get low-end talent. They're the dollar stores of IT services. No one with any sense would work for them. Anyone with any talent who is stupid enough to sign up quickly leaves, getting poached by someplace better.
At every offshoring customer...there's one or 2 VPs, who get a lot of bribes (free trips, vacations, evenings of entertainment, fancy meals, etc)...who are pushing offshore outsourcing. Their staff hates the outsourcing company because they're cleaning up constantly after those losers. The projects ALWAYS go over cost and get delayed by huge factors...usually 2-5x longer than budgeted...so the people hiring Cognizant have to maintain a small local staff to clean up after their mistakes, full time...because the offshoring teams can't handle the work. It's a disaster...but once a VP has pitched outsourcing to India, it's ride or die. If they admit..."OK, they promised us the world and failed to deliver," the VP is likely to lose their job...so they keep pouring money into the dumpster fire of a project...and its a huge disaster until someone fires the VP.
The dot-com era promised so many gains in productivity....which were drastically stalled by the offshore outsourcing fad...so many tools that were started in earnest to make lives better and could have been completed in 2 years by a small local team, but took 10 years and cost 20x more than expected because some VP shithead thought that programming was trade that should not be done by Americans. I am glad the fad passed a long time ago. I just hope Cognizant, Infosys, and Tata get exposed for the frauds they are and disappear.
It's no surprise this happened...I am sure it happened many more times that they didn't report. They cannot die quickly enough.
What's the problem? (Score:2)
I understand Cognizant may have an issue with this, but anyone who bought their services assumed the risk of the lowest bidder.
Their services are cheap for a reason.
Look, when I buy from the lowest bidder, I know what I'm getting. In many cases, I only need something to work for a little while. Cognizant was a real help to executives who only needed to save money this quarter, and planned to jump ship in a quarter or so.
Nobody who has experience with outsourcing is surprised by this. We could have
You've got to be kidding.... (Score:2)
"Our internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident."
If your internal security teams are not enough why are you in business?