- Cognizant has concluded its investigation on the April Maze ransomware attack.
- The firm believes that the damage was relatively light, but some credit card details may have been breached.
- Every cardholder is now given 12 months of identity theft protection services free of charge.
Cognizant, the American IT services giant, has started circulating notices of a data breach to those who have been compromised in a recent security lapse, and even to those who may have been affected but aren’t confirmed victims. These notices refer to an April 2020 ransomware attack that resulted in data exfiltration. The actors behind the incident have been confirmed to be the Maze group. While Cognizant realized the breach on April 20, their investigation revealed that the attack occurred between April 9 and 11, 2020.
According to what is mentioned in the notices, the most crucial data that has been accessed and potentially stolen by the actors are Cognizant’s corporate credit card details. Thus, all associates who may hold an active corporate credit card of Cognizant should have received a copy of this notice, and are eligible for 12 months of credit monitoring, identity theft protection, and dark web monitoring services provided by “ID Experts.” Other details that may have been exfiltrated include Social Security Numbers, Tax IDs, driver’s licenses, and sensitive financial information. If you are among the affected individuals, you should call “833-579-1114” for details on how to register for the protection services or address any questions and concerns that you might have. The deadline for the enrollment is set on September 18, 2020.
Cognizant says there’s no reason to panic or anything, as their internal investigation hasn’t revealed anything overly worrying. However, we all know how Maze operators work, and the occurrences of them leaking data samples or selling entire packs to other actors have been well documented. We’ve seen this happen recently with national banks like the “Banco BCR,” aerospace firms of the magnitude of “VT SAA,” and critical engineering contractors in the USA like “Westech International.” Maze has had too many successes to even enumerate, and the Cognizant breach is just another chevron for the Russian hackers.
Of course, Cognizant has reported all the juicy details they could gather to the Federal Bureau of Investigation, who may now be able to track the cyber-criminals and prepare a case folder. Even then, though, Maze is just the means, the tool that powers actors to breach into company systems and push the snowball that creates an avalanche of problems off the cliff. That said, managing to prosecute some of these groups won’t bring Maze down and won’t stop the affiliation program from being a massive headache for American companies.