Clorox Hackers Got Passwords by Simply Asking, Lawsuit Says
Clorox has filed a lawsuit against Cognizant, alleging the IT provider’s negligence led to a significant cyberattack in 2023. The lawsuit claims hackers, identified as the Scattered Spider group, gained access by simply requesting employee passwords from Cognizant’s service desk. According to the suit, Cognizant staff provided credentials without proper verification, leading to a breach that caused $380 million in damages due to remedial costs and disrupted product shipments. Clorox also cited additional failures by Cognizant in containing the attack, further contributing to the severity of the situation.
John Q. Hosedrinker