Particle.news
Download on the App Store
6 ARTICLES
·
3d ago

Clorox Sues Cognizant Over $380 Million Breach Linked to Help-Desk Error

Clorox asserts that lax verification at Cognizant’s help desk allowed hackers to inflict $380 million in losses.

Cognizant's logo is pictured on a smartphone in this illustration taken, December 4, 2021. REUTERS/Dado Ruvic/Illustration/File Photo
Image
Picture of Clorox products.

Overview

  • Clorox filed suit July 22 in Alameda County Superior Court, alleging Cognizant’s negligence and breach of contract worsened the August 2023 cyberattack.
  • The complaint says Scattered Spider hackers obtained network credentials by calling the Cognizant service desk and requesting password resets without identity checks.
  • Partial call transcripts included in the lawsuit show support agents complying with multiple password-reset requests without verifying the callers’ identities.
  • Clorox claims the breach and a botched cleanup—failing to deactivate compromised accounts and restore data—led to $380 million in remediation costs and shipment delays.
  • Cognizant has rejected fault, stating its contract covered only help-desk support and that Clorox retained responsibility for broader cybersecurity measures.