The Maze ransomware attack could have an impact on Cognizant’s financial performance as well, the information technology services firm said in a disclosure to the US markets regulator Securities and Exchange Commission.
"Although we are in the early stages of assessing this incident, the attack has caused and may continue to cause an interruption in parts of our business and may result in a loss of revenue and incremental costs that may adversely impact our financial results, the company said in the disclosure.
The Teaneck, New Jersey headquartered company, which has extensive operations in Chennai, said that the company is in ongoing communication with its clients about the incident and has released Indicators of Compromise (IOCs) and other technical information of a defensive nature.
Over the weekend, Cognizant confirmed that a security incident involving its internal systems had caused service disruptions for some of its clients. Maze ransomware hackers encrypt files in an infected system and then threaten to release the information on the internet if they aren’t paid.
The company is already in a tough spot and was recently forced to withdraw its earnings guidance for 2020 over the unpredictable and unprecedented business environment it anticipates this year due to the Covid-19 pandemic.
After lacklustre results for the year 2019, Cognizant had projected 2-4% growth for the calendar year 2020, among the lowest in recent years.
Cognizant is expected to announce its first quarter results (January-March) on May 7. The Nasdaq listed company follows the calendar year for its financial accounting.
In January, The Federal Bureau of Investigation (FBI) had issued an advisory to corporates in the US about Maze ransomware attack, the online security news website Cyberscoop said. The Maze ransomware started attacking companies back in November 2019.
The latest incident comes at a time when enterprises are facing business disruptions due to the coronavirus pandemic that has already pushed much of the global economies into a recession. The crisis has forced companies to adopt work from home model to ensure business continuity, which has led to cybersecurity concerns.
For US companies, a data breach is a big deal which brings with it regulatory oversight as well as hefty potential costs if any customer information is found to be part of the stolen data, cybersecurity firm Sophos said in a media statement.