Cognizant Confirms Personal, Financial Information Stolen in April 2020 Ransomware Attack


Technology services giant Cognizant has informed customers that the Maze ransomware attack it suffered in April 2020 resulted in the stolen of personal identifiable and financial data.

The international corporation headquartered in New Jersey offers services globally in internet, technology, consultancy, and operations, and has about 300,000 employees worldwide.

On April 20, service provider discovered that its network had been breached by cyber criminals and that Maze ransomware was used to encrypt data on internal systems.

The incident, Cognizant said at the time, resulted in a disruption of service for some of its customers, but no information was revealed on the number of systems impacted.

Details were not provided on how the opponent managed to gain access to the company ‘s network either. It appears, though, that the attackers dwelt in the environment for several weeks before they actually started encrypting files.

Cognizant filed copies of the notification letters it began sending to the affected customers with the Office of the Attorney General of California on Wednesday, revealing that the attackers were able to exfiltrate “a limited amount of data from Cognizant ‘s systems.”

The professional services firm says its investigation of the incident found that the data was possibly stolen between 9 and 11 April.

“Most sensitive information affected was information linked to our corporate credit cards. We give notice to all associates who have an active corporate credit card out of abundance of caution. Those employees who have an active corporate credit card will be given ID Experts credit and identity theft protection services, “reads one of the letters of notice.

The company also says it has notified the issuer of the cards of impacted accounts and that there is ongoing monitoring of those accounts for signs of fraudulent activity.

“For our accounts, we were informed that they did not see an increase in fraud,” Cognizant notes.

Another notification letter reveals that the incident also exfiltrated personal identifiable information (PII), including names and/or Social Security numbers (and/or other tax identification numbers), financial account information, driver’s license information, and/or passport information.

Cognizant takes that incident of security very seriously. In conjunction with their investigation of the cyber criminals responsible for the attack, we cooperated with the Federal Bureau of Investigation. In addition to resolving the incident rapidly, we are also taking numerous measures to further enhance the overall safety attitude of Cognizant, “the organization also says.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.