Cognizant suffered a massive Ransomware attack known as Maze Ransomware. As per reported in BleepingComputer, on Friday, Cognizant began emailing their clients, stating that they had been compromised and included a “preliminary list of indicators of compromise identified through our investigation.” The listed IOCs included IP addresses of servers and file hashes for the kepstl32.dll, memes.tmp, and maze.dll files. These IP addresses and files are known to be used in previous attacks by the Maze ransomware actors.
As Cognizant is one of the largest IT managed services company in the world with close to 300,000 employees and over $15 billion in revenue, this attack can create a lot of damage to the reputation and value too.