IT cognizant has accepted that the Maze Ransomware Attack took place in April 2020 and Unencrypted data was accessed and has the probability of data theft.
Cognizant is one of the big names in the IT industry. The IT giant has a workforce close to 300,000 employees and over $15 billion in revenue.
The company plays the role of a managed service provider (MSP), i.e., Cognizant remotely manages many of its clients to fix issues, install patches, and monitor their security.
It was on April 17 when Cognizant mailed it, clients, warning them to disconnect themselves from Cognizant as they were under attack by Maze ransomware. So in order to protect the clients from any kind of breach the mail was rolled out.
This email also contained the details regarding what all details were compromised which included IP addresses utilized by Maze and file hashes for the kepstl32.dll, memes.tmp, and maze.dll files. These IP addresses and files are known and familiar as they were used in previous attacks by the Maze ransomware actors.
While Cognizant stated that it was an attack by Maze, the Maze operators told BleepingComputer at the time that they weren’t behind the attack.
Image Credit: Mcafee Labs & Research