Attackers hit service desk of provider to hit U.S, multi-national in 2023.
IT provider Cognizant has been sued by Clorox over a destructive Scattered Spider attack that was allegedly caused by significant cybersecurity lapses.
Reuters reports that the ransomware operation was able to immediately obtain credentials to Clorox's network upon request from Cognizant's Service Desk, claims Clorox. Remediation of the attack, which led to $380 million in losses, has also been hampered by Cognizant's inadequate efforts to restore data or deactivate accounts, according to Clorox.
Such claims have been refuted by Cognizant, which emphasised its limited help desk services for the bleach maker. "Clorox has tried to blame us for these failures, but the reality is that Clorox hired Cognizant for a narrow scope of help desk services which Cognizant reasonably performed," said the IT firm in a statement.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
