Conduent has suffered a Maze ransomware attack, and stolen data from the business process outsourcing (BPO) giant has been posted on the dark web, according to third-party reports. This is the latest in a growing list of Maze ransomware attacks that specifically targeted major IT service providers (ITSPs) and solutions providers.
A statement from Conduent didn't specifically mention Maze or stolen customer data, but the BPO company confirmed some type of ransomware attack. The statement read:
“Conduent's European operations experienced a service interruption on Friday, May 29, 2020. Our system identified ransomware, which was then addressed by our cybersecurity protocols. This interruption began at 12.45 AM CET on May 29th with systems mostly back in production again by 10.00 AM CET that morning, and all systems have since then been restored. This resulted in a partial interruption to the services that we provide to some clients. As our investigation continues, we have on-going internal and external security forensics and anti-virus teams reviewing and monitoring our European infrastructure.”
Security researchers at Bad Packets say Conduent was running unpatched Citrix Systems VPNs for “at least” eight weeks, Computer Business Review reports.
Conduent is a big name in the BPO market. Most Fortune 100 companies and over 500 government entities leverage Conduent's services, the BPO provider says. Conduent, a former Xerox company, employs more than 65,000 people across more than 40 countries. Conudent's revenues were $1.05 billion in the first quarter of 2020, the company reported on May 7.
Maze Ransomware Attacks: Multiple Organizations Hit
The Maze ransomware attackers have targeted multiple ITSPs, solutions providers and municipalities in recent months. Victims include:
How MSPs Can Mitigate Ransomware Attack Risks: To safeguard your MSP business and clientele from ransomware attacks, follow this tip sheet.
