Cognizant And Its Customers Hit By Maze Ransomware

“Our internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident. Cognizant has also engaged with the appropriate law enforcement authorities,” the company said in a statement Saturday.

Solution provider behemoth Cognizant has been hit by the Maze ransomware virus, locking up its own internal systems and hitting some of its clients, the company said in a statement.

The company said it has deployed its own internal security along with “leading cyber defense firms” in an effort to “contain this incident.”

“Cognizant can confirm that a security incident involving our internal systems, and causing service disruptions for some of our clients, is the result of a Maze ransomware attack,” the company said in a statement posted to its website on Saturday.

“Our internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident. Cognizant has also engaged with the appropriate law enforcement authorities,” the statement continued.

The company said it is in ongoing communication with clients and has provided them with indicators of compromise and “technical information of a defensive nature.”

CRN reached out to Cognizant but had not heard back at press time.

According to the website TechCrunch, the ransomware virus Maze is unique in that it not only spreads across the network and encrypts the data behind a demand for payment, “it also exfiltrates the data to the attackers’ servers where it is held for ransom. If a ransom isn’t paid, the attackers publish the files online.”

Tech Crunch said the FBI privately warned businesses about Maze in December, citing a memo a security blog had obtained.

With a market cap of $29.5 billion, Cognizant is one of the largest solution providers in the world serving Fortune 500 clients across multiple verticals.

The Teaneck, N.J.-based company was ranked 6th on the 2019 CRN Solution Provider 500. Like many tech companies, however its stock has been hard hit by the coronavirus pandemic losing 24-percent off its 2020 high of 71.42 on February 6.

The Cognizant attack comes a year after India based IT outsourcing giant Wipro was hit by a ransomware breach that also impacted a number of its customers.

Cognizant CEO Brian Humphries recently told investors that when it holds an proearnings call on May 7, first quarter revenue is expected to come in between $4.22 billion and $4.23 billion, about 2.9 percent up, year over year.

Humphries said however there have been broad-based declines in retail, consumer goods, travel, hospitality, media and entertainment, as well as disruptions in the financial services businesses which serve those industries. He said Cognizant expects a “meaningful economic slowdown” to reduce client demand during the remainder of 2020.

Last year, the company was dinged by stories about its content moderation business with Facebook. That prompted Cognizant to exit the field entirely. It’s contract with Facebook was reportedly worth $100 million annually. In November, Cognizant laid off 6,000 employees.