Clorox blames IT Firm for $380M hack after “Password Over the Phone” slip
Clorox is suing IT provider Cognizant after a 2023 ransomware attack cost the company $380 million.
The lawsuit claims Cognizant’s helpdesk handed over employee passwords to attackers posing as staff.
No hacking skills were needed, just a phone call and a convincing story, Clorox alleges. Cognizant denies responsibility, stating it only offered limited helpdesk support.
The attack is linked to Scattered Spider, a group known for social engineering tactics.
Read the Reuters article for more information.