• CUSTOMER LOGIN
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Company
    • About us
    • Partners
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Company
    • About us
    • Partners
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • CUSTOMER LOGIN
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Company
    • About us
    • Partners
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • CUSTOMER LOGIN
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Company
    • About us
    • Partners
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • PARTNERS LOGIN
  • CONTACT US
  • PRIVACY POLICY

Accenture and T-Mobile Hit by Cyberattacks — How Do Companies Stay Ahead?

Published by Sabrina Pagnotta on August 17, 2021
Categories
  • Blog
Tags
  • Cybersecurity
accenture t mobile cyberattack data breach

Accenture and T-Mobile are the latest victims of cybercrime making the headlines. But according to a recent study from IDC, they’re not alone. More than a third of organizations worldwide were hit by ransomware or a data breach that blocked access to data in the last 12 months. And most of the victims of ransomware have experienced multiple attacks.

Ransomware has become the enemy of the day, demanding organizations of all sizes to pay a ransom to restore access to corporate data. While the average ransom payment was almost a quarter million dollars, a few large ransom payments of more than $1 million skewed the average, according to IDC.

Data breaches continue to be everyday news as organizations go global and embrace digital transformation. More data in the cloud means a wider attack surface and more assets to protect.

The use of third party vendors to perform key business activities such as accounting, development, or storage might also increase the risk of data exposure via a third party data breach if not handled properly. Kaseya and SolarWinds are some of the most recent examples.

The latest big headlines on ransomware and data breaches below are just a reminder of the devastating effects a cyberattack can have for a business. So the important question is: How to stay ahead? Read on for the top tips on protecting your organization.

Accenture

The global consulting firm Accenture has recently confirmed it suffered from a cybersecurity incident, though it claims the attack had no impact on its operations or clients’ systems.

“Through our security controls and protocols, we identified irregular activity in one of our environments,” said Accenture spokesperson Stacey Jones in a statement. “We immediately contained the matter and isolated the affected servers. We fully restored our affected systems from backup. There was no impact on Accenture's operations, or on our clients' systems.”

While the firm didn’t explicitly classify it as a ransomware attack, media outlets such as CNN have reported that the LockBit ransomware gang claimed responsibility. LockBit has been operating since 2019, leasing its malicious software in a ‘ransomware-as-a-service’ or RaaS model. Third-party criminal affiliates who use it receive a share of ransoms in exchange for planting the code onto victim networks.

T-Mobile

Earlier this week, a seller in an online forum claimed to have 100 million personal records of T-Mobile customers, of which 36 million were unique. The data was put up for sale for six bitcoins, worth about $286,000, and reportedly includes Social Security numbers, phone numbers, names, physical addresses, IMEI numbers, and driver license information.

After conducting its own research, T-Mobile confirmed that ‘unauthorized access to some data occurred’, however they have not yet determined if there’s any personal customer data involved.

According to SC Magazine, the attackers presumably gained backdoor access. This is usually after exploiting a vulnerability or using social engineering to trick an employee into installing an infected file that grants them access. Once inside the network, they can move laterally to locate sensitive data to encrypt and kick off a ransomware attack, or exfiltrate to the web.

Memorial Health System

The Memorial Health System, a non for profit in Ohio, was hit by a cyberattack on August 15. What makes this case concerning and resonant is its impact on people’s lives: the facility had to operate under electronic health record downtime procedures and divert emergency care patients.

According to their statement, "No known patient or employee personal or financial information has been compromised". The organization continues to work with IT security experts to investigate and remediate the issues.

Memorial Health System was the third victim of ransomware in the US health system in the last two weeks. Downtime and system disruptions go beyond interrupted business processes; they bring serious challenges and devastating impacts to healthcare.

Ransomware will keep evolving in sophistication, elevating privileges and avoiding detection, in order to exfiltrate data and extort organizations. The silver lining is greater awareness has prompted companies to take action.

What can you do to stay ahead?

These are some of the top tips to protect your organization from ransomware and data breaches:
  • Have an always up-to-date backup of your critical data that’s easy to restore and externally stored. Ransomware encrypts files on every drive that’s mapped
  • Use a reliable anti malware solution
  • Train your staff on cybersecurity awareness, especially around phishing, social engineering, and business email compromise
  • In emails, show hidden file extensions, block executable files, and instruct your team to not open links and messages from unknown sources
  • Implement certified security and data protection/recovery practices
  • Ensure your partners, suppliers, and third party vendors adhere to your security standards with a robust risk assessment and third party risk management (TPRM) program
  • Periodically test your cybersecurity response procedures
  • Get buy-in from your board of directors to support your security practices
tprm dictionary make third party risk management easier
Don’t let third parties jeopardize your network

If you're looking to build a TPRM program or scale one to be more effective, read this guide before you get started. It compiles the five biggest tips for building a scalable process, from mapping to continuous monitoring and analysis, that will save your organization time.

Get the Guide
Sabrina Pagnotta
Sabrina Pagnotta
Sr. Content Strategist
  • Phone
    |+1-617-245-0469
  • Address
    |
    111 Huntington Ave, Suite 2010, Boston, MA 02199
  • Sales
    |sales@bitsighttech.com
  • Contact Us
Laika_SOC2_TypeI_PurpleIris        CSA_Trusted_Cloud_Provider

©2022 ThirdPartyTrust, LLC and its Affiliates. All Rights Reserved. | 111 Huntington Ave. Suite 2010 Boston, MA 02199
  • PARTNERS LOGIN
  • CONTACT US
  • PRIVACY POLICY
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Reject AllAccept
Cookie Settings
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT