'Bad Example' by Accenture for lack of transparency during ransomware attacks

Garima Kejriwal

August 18, 2021

When ransomware and cyber-attacks are at an all-time high, solution providers believe that high profile IT companies such as Accenture could help the industry by disclosing the attack details upfront. Their lack of disclosure is being heavily criticised and is seen as a missed opportunity to keep others well informed. Dace Mahoney, a cybersecurity practice lead and enterprise services architect at Blue Bell, Pa.-based Anexinet, No. 213, said that Accenture is trying to limit the brand tarnishing to themselves. While they confirmed the breach on August 11 in a tweet, they did not disclose it on their initiative. Cyberscoop, an IT consultancy giant, had spotted the LockBit ransomware attack on their system as early as July 30, 2021. Accenture claimed to have fully restored the affected servers and declined any impact on their clients or systems. There were no statements beyond this information. Mahoney was highly critical of how Accenture didn’t self-attest to the attack, and basic notifications could have been sent out as a response informing the customers of the breach. Similarly, Ryan Loughran, another expert, highlighted the importance of informing people and educating them of such incidents. Open communication is highly stressed by everyone these days due to the alarming cyber attacks in recent times.

Abridged fromCRN