Accenture lost ‘proprietary information’ in summer ransomware attack

The company didn't elaborate on the exact nature of the extracted data.
People pass by the Accenture logo at the 2017 Web Summit in Lisbon on November 7, 2017. (Photo by PATRICIA DE MELO MOREIRA/AFP via Getty Images)

Accenture has acknowledged in a filing to the Securities and Exchange Commission that outsiders extracted “proprietary information” in a cyber incident this summer.

The SEC filing filed Friday provides additional detail on a breach the company first discovered on July 30 and disclosed in early August. The disclosure coincided with the ransomware gang LockBit 2.0 leaking information from the consulting giant after saying Accenture failed to pay a $50 million ransom by its deadline.

CyberScoop had previously reported other details of the intrusion.

“While the perpetrators were able to acquire certain documents that reference a small number of clients and certain work materials we had prepared for clients, none of the information is of a highly sensitive nature,” read an internal memo that CyberScoop obtained.


A spokesperson didn’t directly answer a question about what kind of “proprietary information” the attackers stole, saying that the company’s original statement covered the matter.

“Through our security controls and protocols, we identified irregular activity in one of our environments,” that statement read. “We immediately contained the matter and isolated the affected servers. We fully restored our affected systems from back up. There was no impact on Accenture’s operations, or on our clients’ systems.”

In its SEC form 10-K, the company said there could be further fallout.

“In addition, our clients have experienced, and may in the future experience, breaches of systems and cloud-based services enabled by or provided by us,” it reads. “To date these incidents have not had a material impact on our or our clients’ operations; however, there is no assurance that such impacts will not be material in the future.”

In a summer filled with headline-making ransomware attacks, the Accenture intrusion flew relatively under the radar, despite a burst of social media attention at the time. Accenture reported $44 billion in 2020 revenue — far more than another summer victim that got more attention, Colonial Pipeline, which reported $1.3 billion in revenue.


But the impact of the Accenture breach was not as tangible as that of the Colonial Pipeline breach and others, with the fuel supplier attack prompting the company to take it systems offline.

Latest Podcasts