After $380M hack, Clorox sues its "service desk" vendor for simply giving passwd
9 months ago
- #IT Outsourcing
- #Cybersecurity
- #Data Breach
- Hackers bypassed security by calling IT service desk for password and MFA resets without identity verification.
- The breach led to ransomware or data exfiltration, causing an estimated $380 million in damage.
- Clorox outsourced IT security to Cognizant, which allegedly failed to follow basic security procedures.
- Cognizant's service desk handed over network credentials without authentication, as per the lawsuit.
- The lawsuit claims Cognizant employees were inadequately trained, leading to the security lapse.