Cognizant's corporate network has suffered a security incident, and Maze ransomware attacks have now infected some of the IT consulting firm's customers.Update - April 23, 2020: The ransomware attack may impact Cognizant's revenues and financial results, MSSP Alert reports.In a prepared statement about the security incident, Cognizant on April 18 said:Cognizant did not disclose how many customer systems were hit in the attack.Cognizant is a global systems integrator (SI), managed IT services provider (MSP) and custom software developer. The company has massive global reach. For its fourth quarter of 2019, quarterly revenue was $4.3 billion, up 3.8% the fourth quarter of 2018.
"Our internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident. Cognizant has also engaged with the appropriate law enforcement authorities.
We are in ongoing communication with our clients and have provided them with Indicators of Compromise (IOCs) and other technical information of a defensive nature. "
Ransomware Attacks Repeatedly Target MSPs, IT Consulting Firms
Alas, MSPs remain prime targets for ransomware attacks. Examples include:- January 2020: A Sodinokibi ransomware attack spread from an upstate New York hosting provider and MSP to Albany airport’s IT systems during the Christmas 2019 holiday.
- December 2019: A California MSP suffered Sodinokibi ransomware attack. And remote access software extends attack to customers, report says.
- December 2019: Zeppelin ransomware targeted MSPs, healthcare & technology companies, Cylance research suggests.
- December 2019: A ransomware attack spread from a Colorado MSP through remote access software to more than 100 dentistry practices.
- December 2019: CyrusOne suffered ransomware attack that impacted six managed services customers.
- September 2019: Texas CISO Nancy Rainosek shared five MSP security lessons after 22 Texas local government agencies suffer ransomware attacks.




