Late last night, word started circulating that Cognizant had been attacked by Maze Team. Today, the attack was reported by BleepingComputer and confirmed by Cognizant. In a statement on their website, the New Jersey-headquartered multinational corporation writes:
Cognizant can confirm that a security incident involving our internal systems, and causing service disruptions for some of our clients, is the result of a Maze ransomware attack.
Our internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident. Cognizant has also engaged with the appropriate law enforcement authorities.
We are in ongoing communication with our clients and have provided them with Indicators of Compromise (IOCs) and other technical information of a defensive nature.
The attack is not currently listed on the Maze Team’s news site where they list victims who haven’t paid their ransom demands.
Cognizant’s 4th quarter earnings for 2019 was $4.3 Billion. Among its key partners, Cognizant lists Adobe, AWS (Amazon Web Services), CA Technologies, Cisco, Dell Technologies, Google, IBM, Informatica, Microsoft, Pega, Pivotal, Oracle, Salesforce, SAP, and ServiceNow.
Somewhat surprisingly, perhaps, when BleepingComputer reached out to Maze Team, they denied responsibility for the attack. Maybe they thought that they were demonstrating that they could be discreet in protecting an entity’s reputation. DataBreaches.net had also reached out to both Cognizant and Maze Team shortly before BleepingComputer’s article was published. This report will be updated if responses are received. Cognizant’s stock price closed higher today than it opened.