Author: Matthew Miller

Quick Overview

• Clorox filed a lawsuit against Cognizant following a cyber attack in 2023.
• Hackers obtained Clorox passwords through social engineering techniques.
• The breach caused damages amounting to US$380 million (A$576 million).
• Scattered Spider hackers deceived IT support desks to gain credentials.
• The lawsuit emphasizes security shortcomings on Cognizant’s part.

Overview of the Cyber Attack

In August 2023, Clorox, a manufacturer of bleach, encountered a significant cyber attack carried out by the hacking collective known as Scattered Spider. This group is infamous for leveraging social engineering strategies, predominantly aimed at IT support desks to obtain credentials, subsequently exploited for ransomware attacks.

Information on the Lawsuit

Clorox has initiated legal action against its IT service provider, Cognizant, asserting that the hackers accessed sensitive passwords through basic social engineering methods. The lawsuit, lodged in California state court, accuses Cognizant of insufficiently securing Clorox’s network by providing credentials without thorough verification.

Hackers’ Approach and Implementation

The hackers reportedly reached out to the Cognizant Service Desk, seeking access to Clorox’s network. Alarmingly, the service desk released the credentials without applying fundamental verification steps, such as confirming employee identification numbers or verifying the identity of the caller’s supervisor.

Impact of the Breach

The breach resulted in US$380 million (A$576 million) worth of damages to Clorox. This included around US$50 million set aside for recovery efforts, while the remainder was due to Clorox’s inability to supply products to retailers after the attack.

Deficiencies in IT Security

Clorox’s lawsuit highlights various security deficiencies by Cognizant, including improper termination of certain accounts and flawed data recovery methods, which aggravated the breach’s consequences.

Conclusion

The cyber attack on Clorox, executed by the Scattered Spider group, reveals critical weaknesses in IT security protocols. By taking advantage of straightforward social engineering methods, hackers inflicted substantial financial harm and disrupted Clorox’s business operations. The legal action against Cognizant emphasizes the pressing need for strong security practices and comprehensive verification processes in IT services.

Q&A

Q: Why did Clorox decide to take legal action against Cognizant?

A: Clorox sued Cognizant after a cyber attack exposed significant security flaws, enabling hackers to access passwords through social engineering strategies.

Q: In what manner did the hackers infiltrate Clorox’s network?

A: The hackers leveraged social engineering to mislead Cognizant’s IT help desk into providing network credentials without proper verification.

Q: What financial consequences did the attack have on Clorox?

A: The attack led to US$380 million (A$576 million) in damages, comprising US$50 million in recovery expenses and interruptions in product distribution.

Q: What security shortcomings did Clorox point out in their lawsuit?

A: Clorox identified issues such as insufficient account deactivation and faulty data restoration practices, which added to the attack’s impact.

Q: What role does the Scattered Spider group play in this incident?

A: Scattered Spider is a hacking group recognized for employing social engineering to manipulate IT staff, gaining unauthorized access to networks for ransomware purposes.