Share this article on:
Serial leaker IntelBroker is claiming to have leaked the data of IT consulting and services firm Cognizant.
In a post on BreachForums, the threat actor claims to have uploaded the “Cognizant Insurance Model Office for OIPA” database.
“In June 2024, Cognizant suffered a data breach [which led] to the exposure of 40K users” and 12 million lines of data from the internal site, according to IntelBroker.
Data allegedly compromised allegedly includes client name, policy number, role code, company code, state code, role sequence number, arrangement number, arrangement status, start date, start year, end date, end year, draft day, modala mount, next bill extract date, next premium due date and role payment mode.
IntelBroker listed the data on the platform, accessible through the spending of credits, which are earned on the platform by contributing to leaks. A sample of the data was also posted, as is common practice.
Cognizant is yet to publicly acknowledge the incident. Cyber Daily has reached out to Cognizant for comment on the incident.
This is not the first time Cognizant has faced cyber criminals in recent years, having filed a notice of data breach with the Attorney General of Texas in September last year, after it discovered that a threat actor had gained access to confidential consumer data on its network. Data reportedly included names, addresses, emails, phone numbers, birth dates, social security numbers, bank account numbers, medical service information and claim numbers.
Prior to that in 2020, Cognizant confirmed that compromise of its systems resulted in service disruptions. The group was a victim of the Maze ransomware group, which shut down at the end of 2020.
Cognizant said the cost it faced as a result of the cyber attack was between US$50 million and US$70 million.