Clorox Sues Cognizant Over 2023 Cyberattack, Hackers Obtained Passwords by Requesting Them
PorAinvest
jueves, 24 de julio de 2025, 1:53 pm ET1 min de lectura
CLX--
The incident, which occurred in August 2023, resulted in Clorox suffering $380 million in damages and forced the company to take its systems offline. Clorox claims that Cognizant's failure to follow established cybersecurity protocols, such as verifying the identity of individuals requesting password resets, directly led to the attack [1].
Cognizant, which did not respond to requests for comment, has been accused of repeatedly ignoring Clorox's password reset policies. According to the lawsuit, Cognizant employees reset passwords and multi-factor authentication (MFA) credentials for hackers without verifying their identities, allowing the cybercriminals to gain access to Clorox's network [1].
The lawsuit also highlights the use of social engineering tactics by the hackers, who posed as Clorox employees to obtain the necessary credentials. Clorox reported operational issues and a 6% decrease in sales volume in the six months following the attack, as well as significant costs associated with remediation efforts [1].
Clorox has demanded that Cognizant cover the $380 million in damages and pay punitive damages. The company has also indicated that it has received insurance recoveries of $100 million related to the cyberattack [1].
This lawsuit underscores the critical importance of robust cybersecurity measures and the need for IT service providers to adhere to stringent protocols to prevent such incidents. As cyberattacks become increasingly sophisticated, companies must prioritize secure practices to protect their networks and sensitive data.
References:
[1] https://therecord.media/clorox-cyberattack-lawsuit-cognizant-it-contractor
CTSH--
Clorox is suing IT provider Cognizant over a 2023 cyberattack, claiming hackers accessed their network by asking Cognizant staff for employee passwords. According to the lawsuit, Cognizant handed over the credentials without being duped by any hacking techniques. The incident highlights the importance of robust cybersecurity measures to prevent such attacks.
In a significant legal move, cleaning product giant Clorox has filed a lawsuit against Cognizant, an IT services contractor, accusing the latter of being directly responsible for a 2023 cyberattack that caused substantial financial damage. The lawsuit, filed in California Superior Court, alleges that Cognizant's help desk workers repeatedly handed over crucial login information to hackers, leading to the breach [1].The incident, which occurred in August 2023, resulted in Clorox suffering $380 million in damages and forced the company to take its systems offline. Clorox claims that Cognizant's failure to follow established cybersecurity protocols, such as verifying the identity of individuals requesting password resets, directly led to the attack [1].
Cognizant, which did not respond to requests for comment, has been accused of repeatedly ignoring Clorox's password reset policies. According to the lawsuit, Cognizant employees reset passwords and multi-factor authentication (MFA) credentials for hackers without verifying their identities, allowing the cybercriminals to gain access to Clorox's network [1].
The lawsuit also highlights the use of social engineering tactics by the hackers, who posed as Clorox employees to obtain the necessary credentials. Clorox reported operational issues and a 6% decrease in sales volume in the six months following the attack, as well as significant costs associated with remediation efforts [1].
Clorox has demanded that Cognizant cover the $380 million in damages and pay punitive damages. The company has also indicated that it has received insurance recoveries of $100 million related to the cyberattack [1].
This lawsuit underscores the critical importance of robust cybersecurity measures and the need for IT service providers to adhere to stringent protocols to prevent such incidents. As cyberattacks become increasingly sophisticated, companies must prioritize secure practices to protect their networks and sensitive data.
References:
[1] https://therecord.media/clorox-cyberattack-lawsuit-cognizant-it-contractor
Divulgación editorial y transparencia de la IA: Ainvest News utiliza tecnología avanzada de Modelos de Lenguaje Largo (LLM) para sintetizar y analizar datos de mercado en tiempo real. Para garantizar los más altos estándares de integridad, cada artículo se somete a un riguroso proceso de verificación con participación humana.
Mientras la IA asiste en el procesamiento de datos y la redacción inicial, un miembro editorial profesional de Ainvest revisa, verifica y aprueba de forma independiente todo el contenido para garantizar su precisión y cumplimiento con los estándares editoriales de Ainvest Fintech Inc. Esta supervisión humana está diseñada para mitigar las alucinaciones de la IA y garantizar el contexto financiero.
Advertencia sobre inversiones: Este contenido se proporciona únicamente con fines informativos y no constituye asesoramiento profesional de inversión, legal o financiero. Los mercados conllevan riesgos inherentes. Se recomienda a los usuarios que realicen una investigación independiente o consulten a un asesor financiero certificado antes de tomar cualquier decisión. Ainvest Fintech Inc. se exime de toda responsabilidad por las acciones tomadas con base en esta información. ¿Encontró un error? Reportar un problema
SOBRE NOSOTROS
Nuestra historiaAutores de noticiasBase de conocimientosPolítica de privacidadTérmino de usoDescargo de responsabilidad de corretaje de tercerosTérminos de uso de AIMEDivulgaciones de riesgos de AInvest AICarrerasCONTÁCTENOS
Email: support@ainvest.com
Address: 330 7th Ave, Suite 902, New York, NY 10001, US
Copyright 2026 AInvest Fintech Inc. All rights reserved.
Comentarios
Aún no hay comentarios