Clorox blames IT Firm for $380M hack after “Password Over the Phone” slip

Clorox is suing IT provider Cognizant after a 2023 ransomware attack cost the company $380 million.

The lawsuit claims Cognizant’s helpdesk handed over employee passwords to attackers posing as staff.

No hacking skills were needed, just a phone call and a convincing story, Clorox alleges. Cognizant denies responsibility, stating it only offered limited helpdesk support.

The attack is linked to Scattered Spider, a group known for social engineering tactics.

Read the Reuters article for more information.

Previous Post

Is the CISO role the job nobody wants?

Next Post

When privacy becomes training data

Related Posts