The Ransomware Attack that took place on the servers of IT Giant Cognizant is said to have resulted in the compromise of some of the personal data of the company’s employees. And that includes Tax IDs, driving license details, Passport numbers, social security details, and financial data.
On April 18th,2020 Cognizant admitted that it became a victim of a file-encrypting malware attack launched by Maze Ransomware spreading group which ex-filtrated with some sensitive data. Later on April 20th,2020 the company sent an internal email to all its impacted employees stating that details such as names and account numbers of American express credit cards could have impacted the attack.
So, the company is offering the impacted employees a free credit monitoring and dark web monitoring service for one year along with access to restoration service. If anyone finds any suspicious transactions then they can immediately report to their respective financial institutions.
Cognizant mentioned in the email that it will try its best to improve its security posture and issued an apology over the incident. Also, it stated that the FBI is carrying out a detailed investigation of the attack and will submit a report by this month end.
Note 1- Details on whether the company paid a ransom to free up the data or recovered it from backups is yet to be known.
Note 2- Maze Ransomware group is a file-encrypting malware spreading gang which not only locks a database from access until a ransom is paid ,but also ex-filtrates a portion of data either to sell it online or to pressurize the victim to pay a ransom.