Sign in / up

back to article Bad news: Cognizant hit by ransomware gang. Worse: It's Maze, which leaks victims' data online after non-payment

New Jersey IT services provider Cognizant has confirmed it is the latest victim of the Maze ransomware. The infection was disclosed to the public this weekend. Cognizant said the malware outbreak will likely disrupt service for some of its customers, and possibly put them in danger as well. Maze is unusual among ransomware …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Phil Kingston

    They are never going to financially recover from this

    0 0 Reply
    1. Mark192
      Reply Icon

      Could be great for them. Assuming it's not if you'll be hacked but when, recovering from this with minimal disruption, data intact and no documents leaked could be a PR win...

      0 2 Reply
      1. Lotaresco
        Reply Icon

        "recovering from this with minimal disruption, data intact and no documents leaked"

        Did you miss the information about Maze? Escaping from this with no documents leaked is an unlikely scenario.

        4 0 Reply
    2. LucreLout
      Reply Icon

      They are never going to financially recover from this

      In a world where people still buy broadband from TalkTalk, bank with TSB, and trust the NHS with their data, I think you may have underestimated peoples ability to completely disregard past incidents when obtaining services.

      12 0 Reply
      1. Gene Cash Silver badge
        Reply Icon

        And fly with RyanAir!

        3 0 Reply
        1. Lotaresco
          Reply Icon

          Last time I checked no one was flying with Ryanair, other than Ryanair crew.

          1 0 Reply
  2. macjules
    Meh

    A definite schadenfreude moment

    Recall a colleague at Cognizant emailing me at WPP to ask how IT security was going post Not-Petya.

    3 0 Reply
  3. julian_n

    I mean, out sourcing and putting your data out on the cloud - who would have thought anything could ever go wrong.

    8 1 Reply
  4. Lotaresco

    Significant failures

    As usual when an organization reports a successful malware attack there are significant gaps and elements of whitewash in the announcements. Two areas that interest me are the vector for the attack - it looks like it may have been spear phishing, the usual vector for ransomware, and the apparent weakness of any security controls.

    For the first part it appears that Cognizant permits users with administrator access to access the internet/corporate mail from privileged accounts. Oops.

    For the second it appears there are no controls to prevent lateral movement, no SOC, no alerting when there's unusual activity such as large volumes of data being transmitted, no IPS, no IDS, no AV on the wire... (etc).

    I'm guessing that they are already working on the standard letter that says that they have the best security in the world but were unable to defend customer accounts because of the extremely sophisticated attack.

    6 0 Reply
    1. Doctor Syntax Silver badge
      Reply Icon

      Re: Significant failures

      "I'm guessing that they are already working on the standard letter that says that they have the best security in the world but were unable to defend customer accounts because of the extremely sophisticated attack."

      They had it written and ready but it got encrypted.

      9 0 Reply
  5. Anonymous Coward
    Anonymous Coward

    reads like an inside job.

    3 0 Reply
  6. Anonymous Coward
    Anonymous Coward

    Keep the money

    Criminals don't have ethics, they will sell the data eventually, it's to valuable not to.

    Don't pay your murderer from your deathbed.

    Just close up gracefully.

    3 0 Reply
  7. YetAnotherJoeBlow

    Troubles

    My wife does work for Cognizant. Three weeks ago, they sent her a new computer; they were supposed to be online for the better part of two weeks now. Now I know why they have not communicated with her. Her Cognizant email address still works though.

    4 0 Reply
  8. Anonymous Coward
    Anonymous Coward

    We use them in a small way. Thankfully we hadn't really got started yet.

    3 0 Reply
  9. Anonymous Coward
    Anonymous Coward

    Security? I doubt they’ve heard of that

    Back when I worked for them we weren’t supplied with a corporate laptop or PC so everyone had to use their own kit. The web apps for everything were truly dire and needed ancient versions of IE to work. It got to the point where I had a really old crappy laptop just to use for timesheets and admin crap, I didn’t want my own laptop anywhere near their network.

    4 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like