Cognizant hit by Maze ransomware cyber-attack

Tech services provider Cognizant Technology Solutions (CTS) said on Saturday that it was hit by a Maze ransomware cyber-attack, resulting in service disruptions to some its clients.

The company said on its website: “Cognizant can confirm that a security incident involving our internal systems, and causing service disruptions for some of our clients, is the result of a Maze ransomware attack.

“We are in ongoing communication with our clients and have provided them with Indicators of Compromise (IOCs) and other technical information of a defensive nature.”

The IOCs provided to clients included IP addresses of servers as well as file hashes for the maze.dll, memes.tmp and kepstl32.dll files, which Maze operators have used in their earlier attacks against other entities.

When Maze was approached by security blog BleepingComputer about its role in cyber-attack against Cognizant, it denied its involvement.

The hackers who deploy Maze ransomware have made headlines in recent months for encrypting computers of many organisations across the world. The group threatens to leak confidential information of organisations that refuse to pay ransom to the group.