wordpress blog stats
Connect with us

Hi, what are you looking for?

Cognizant confirms Maze ransomware attack, predicts ‘loss in revenue’

IT services company Cognizant, on April 18, confirmed that it has been hit by a Maze ransomware attack, which has caused “service disruptions” for some of its clients. The company has not revealed the details about the security incident, but said that its internal security teams and other cyber defence firms are trying to “contain the incident”. The company also said that it was engaging with the law enforcement. Bleeping Computer had first reported about the ransomware attack on Cognizant.

Cognizant predicts a revenue loss: In a filing with the US’ Securities and Exchange Commission (SEC), the company said that “the attack has caused and may continue to cause an interruption in parts of our business and may result in a loss of revenue and incremental costs that may adversely impact our financial results”. TechCrunch first reported on Cognizant’s SEC filing.

It had emailed clients with technical information about the attack: Cognizant claimed to have provided its clients with Indicators of Compromise (IOCs) and other technical information of a “defensive nature”. According to Bleeping Computer, the emails sent out by Cognizant to its clients included a “preliminary list of indicators of compromise identified through our investigation”, and IP addresses of servers, among other things.

What is a Maze ransomware attack? Maze operators use RSA-2048 and ChaCha20 encryption and require the victim to contact the threat actor by email for the decryption key. The threat actors behind the malware are known to have attacked multiple sectors including government and manufacturing and threaten to release the company’s data if the ransom is not paid, according to security software company McAfee.

Maze has not yet taken responsibility for the attack: When Bleeping Computer reached out to Maze, they denied being responsible for the ransomware attack., however, the report did say that “Maze is likely not discussing it to avoid complications in what they hope would be potential ransom payment”. The report speculates the presence of Maze operators in Cognizant’s severs for weeks, and that if it was Maze, they usually steal unencrypted files before encrypting them.

Advertisement. Scroll to continue reading.

“Maze ransomware operators are known to conduct their attack below the surface and have a reputation of stealing the data first before locking their target systems. They fully understand their victim’s reputational risks, and hence their approach is ‘steal, lock and inform’”, Beenu Arora, founder and CEO of  cybersecurity intelligence firm Cyble — which recently discovered 500,000+ Zoom IDs on the dark web — told MediaNama.

Arora told us that his company had reached out to Maze as well, and they did not take responsibility for the security incident, and told us that Maze “understand[s] the brand value of this organization [Cognizant] and mostly likely publish them should their negotiations fails. Given the Maze name has been spread all over by Cognizant, it is expected the group will confirm it in the next 24-48 hours”.

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



India and US come to terms on how to deal with the equalisation levy in light of the impending Global Tax Deal.


Find out how people’s health data is understood to have value and who can benefit from that value.


The US and other countries' retreat from a laissez-faire approach to regulating markets presents India with a rare opportunity.


When news that Walmart would soon accept cryptocurrency turned out to be fake, it also became a teachable moment.


The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ