IntelBroker, a known threat actor associated with BreachForums, has allegedly disclosed a significant amount of data stolen from Cognizant Technology Solutions, a prominent American multinational specializing in IT services and consulting.

The disclosed Cognizant data reportedly contains a document comprising 12 million lines from Cognizant’s internal website and user data from the company’s Oracle Insurance Policy Admin System (OIPA), a cloud-based DevOps solution.

According to IntelBroker, the leaked user file includes around 40,000 user records with various sensitive data fields. These fields encompass crucial information such as policy number, role code, client name, company code, state code, role sequence number, arrangement number, arrangement status, start date, start year, end date, end year, draft day, modular amount, and next premium due date.

Upon contacting Cognizant officials to verify these claims, the company’s spokesperson stated that they are investigating the reports made by a cybercriminal organization regarding the alleged targeting of their services. The spokesperson neither confirmed nor denied the alleged data leak reports.

If substantiated, the implications of these claims could have far-reaching consequences, posing significant risks to both the individuals affected and Cognizant’s reputation. This alleged data breach underscores the persistent and evolving threats that corporations face from sophisticated cybercriminals.

IntelBroker has a history of engaging in high-profile cyber intrusions, including a previous claim of responsibility for a substantial data breach involving Advanced Micro Devices (AMD), a major player in the semiconductor industry. This unverified breach raised concerns about the security of AMD’s infrastructure, prompting an investigation by the company.

The hacker’s notoriety stems from targeting various organizations, including critical infrastructure, major tech corporations, and government contractors. IntelBroker’s sophisticated techniques in exploiting vulnerabilities have enabled access to sensitive information on multiple occasions, with previous claims of breaches at institutions like Apple, Lindex Group, and Acuity.

Interestingly, this is not the first time Cognizant has encountered cyber threats. In September 2023, the company reported a data breach to the Attorney General of Texas after an unauthorized party accessed confidential consumer data on their network. This incident followed a ransomware attack in April 2020, estimated to result in losses between $50 million and $70 million.

The potential data leak by IntelBroker underscores the ongoing and increasing cyber threats faced by multinational corporations, impacting both data security and the financial stability of affected companies. The Cyber Express Team continues to monitor the situation and will provide updates as more information becomes available, emphasizing the importance for organizations to review and enhance their cybersecurity protocols to mitigate potential threats.

Source link