Ransomware, Content, Europe

Maze Ransomware Attacks Conduent; BPO Customer Data Leaked?

Disruptions at Conduent linked to third-party breach. (Conduent)

Conduent has suffered a Maze ransomware attack, and stolen data from the business process outsourcing (BPO) giant has been posted on the dark web, according to third-party reports. This is the latest in a growing list of Maze ransomware attacks that specifically targeted major IT service providers (ITSPs) and solutions providers.

Tip Sheet:
Tip Sheet: How to stop a ransomware attack against your MSP business

A statement from Conduent didn't specifically mention Maze or stolen customer data, but the BPO company confirmed some type of ransomware attack. The statement read:

“Conduent's European operations experienced a service interruption on Friday, May 29, 2020. Our system identified ransomware, which was then addressed by our cybersecurity protocols. This interruption began at 12.45 AM CET on May 29th with systems mostly back in production again by 10.00 AM CET that morning, and all systems have since then been restored. This resulted in a partial interruption to the services that we provide to some clients. As our investigation continues, we have on-going internal and external security forensics and anti-virus teams reviewing and monitoring our European infrastructure.”

Security researchers at Bad Packets say Conduent was running unpatched Citrix Systems VPNs for “at least” eight weeks, Computer Business Review reports.

Conduent is a big name in the BPO market. Most Fortune 100 companies and over 500 government entities leverage Conduent's services, the BPO provider says. Conduent, a former Xerox company, employs more than 65,000 people across more than 40 countries. Conudent's revenues were $1.05 billion in the first quarter of 2020, the company reported on May 7.

Maze Ransomware Attacks: Multiple Organizations Hit

The Maze ransomware attackers have targeted multiple ITSPs, solutions providers and municipalities in recent months. Victims include:

  • April 2020: Cognizant, which will suffer $50 million to $70 million in lost revenue from the attack, the IT services company estimates.
  • May 2020: Dakota Carrier Network (DCN), a consortium of broadband companies & fiber optic network service provider.
  • December 2019: The city of Pensacola, Florida.
  • How MSPs Can Mitigate Ransomware Attack Risks: To safeguard your MSP business and clientele from ransomware attacks, follow this tip sheet.

    An In-Depth Guide to Ransomware

    Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
    Joe Panettieri

    Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.

    You can skip this ad in 5 seconds

    Cookies

    This website uses cookies to improve your experience, provide social media features and deliver advertising offers that are relevant to you.

    If you continue without changing your settings, you consent to our use of cookies in accordance with our privacy policy. You may disable cookies.