logo
Lawsuit says Clorox hackers got passwords simply by asking

Lawsuit says Clorox hackers got passwords simply by asking

CNAa day ago
WASHINGTON :Bleach maker Clorox said Tuesday that it has sued information technology provider Cognizant over a devastating 2023 cyberattack, alleging that the hackers pulled off the intrusion simply by asking the tech company's staff for employees' passwords.
Clorox was one of several major companies hit in August 2023 by the hacking group dubbed Scattered Spider, which specializes in tricking IT help desks into handing over credentials and then using that access to lock them up for ransom. The group is often described as unusually sophisticated and persistent, but in a case filed in California state court on Tuesday, Clorox said one of Scattered Spider's hackers was able to repeatedly steal employees' passwords simply by asking for them.
"Cognizant was not duped by any elaborate ploy or sophisticated hacking techniques," according to a copy of the lawsuit reviewed by Reuters. "The cybercriminal just called the Cognizant Service Desk, asked for credentials to access Clorox's network, and Cognizant handed the credentials right over."
Cognizant did not immediately return a message seeking comment on the suit, which was not immediately visible on the public docket of the Superior Court of Alameda County. Clorox provided Reuters with a receipt for the lawsuit from the court.
Three partial transcripts included in the lawsuit allegedly show conversations between the hacker and Cognizant support staff in which the intruder asks to have passwords reset and the support staff complies without verifying who they are talking to, for example by quizzing them on their employee identification number or their manager's name.
"I don't have a password, so I can't connect," the hacker says in one call. The agent replies, "Oh, ok. Ok. So let me provide the password to you ok?"
The 2023 hack caused $380 million in damages, Clorox said in the suit, about $50 million of which were tied to remedial costs and the rest of which were attributable to Clorox's inability to ship products to retailers in the wake of the hack.
Clorox said the clean-up was hampered by other failures by Cognizant's staff, including failure to de-activate certain accounts or properly restore data.
Orange background

Try Our AI Features

Explore what Daily8 AI can do for you:

Comments

No comments yet...

Related Articles

House Democrats raise concerns about T-Mobile role in 'Trump Mobile' service
House Democrats raise concerns about T-Mobile role in 'Trump Mobile' service

CNA

timean hour ago

  • CNA

House Democrats raise concerns about T-Mobile role in 'Trump Mobile' service

WASHINGTON :Three Democrats on the House Energy and Commerce Committee raised serious concerns about T-Mobile's involvement in the Trump Organization's self-branded mobile service and a $499 smartphone dubbed Trump Mobile. Representative Frank Pallone, the ranking member of the committee and two other committee members, asked T-Mobile CEO Mike Sievert to answer questions about the company's dealings with the Trump organization. "We are specifically concerned that T-Mobile's business relationship with the Trump Organization — while Donald Trump is serving as President of the United States — presents a conflict of interest that will harm the American people," they wrote in a letter Wednesday.

Trump administration unveils plan to ease AI chip exports, loosen environmental rules
Trump administration unveils plan to ease AI chip exports, loosen environmental rules

CNA

time2 hours ago

  • CNA

Trump administration unveils plan to ease AI chip exports, loosen environmental rules

WASHINGTON: The Trump administration on Wednesday (Jul 23) released a sweeping artificial intelligence blueprint that aims to accelerate US leadership in the sector by loosening environmental regulations and facilitating the export of AI chips and software to allied nations. President Donald Trump is set to mark the rollout with a speech emphasising the strategic importance of winning the global AI race, a competition he says will shape the future of economics, defence and geopolitics. EXPORTS TO ALLIES, REGULATORY ROLLBACK The plan includes nearly 90 recommendations and shifts away from the Biden administration's restrictive approach. It calls for the creation of full-stack 'secure export packages' hardware, models, software and standards, that the US can share with friendly governments. 'We're establishing a program led by the departments of Commerce and State to partner with industry to deliver secure full-stack AI export packages… to America's friends and allies,' said Michael Kratsios, head of the White House Office of Science and Technology Policy. Trump blocked the export of Nvidia's H20 chip to China in April but allowed sales to resume in July, prompting criticism from Republicans. The plan does not mention national security concerns around the chip, which had been designed to stay just within the limits of earlier US restrictions. DATA CENTRES AND ENERGY DEMANDS The blueprint also proposes fast-tracking AI data centre construction by loosening federal environmental requirements, including exclusions under the National Environmental Policy Act and streamlined permits under the Clean Water Act. The administration aims to make more federal land available for projects and is preparing further executive orders to remove obstacles to AI infrastructure growth. The launch event, titled Winning the AI Race, will feature top officials including Secretary of State Marco Rubio and National Economic Adviser Kevin Hassett. It is hosted by White House AI and crypto adviser David Sacks and the co-hosts of the All-In podcast. Trump's AI strategy, shaped in part by members of the Silicon Valley-backed Hill and Valley Forum, reverses several Biden-era restrictions. These included export limits on AI chips and a so-called 'diffusion rule' capping the amount of computing power foreign buyers could obtain. Trump has also struck deals with countries like the United Arab Emirates, allowing expanded access to advanced US chips after earlier limits tied to concerns about Chinese technology transfers. The AI boom has contributed to a surge in US electricity demand, reaching record levels in 2025 after nearly two decades of stagnation. The administration is expected to announce additional measures to help Big Tech secure energy for data centre expansion.

White House unveils artificial intelligence policy plan
White House unveils artificial intelligence policy plan

CNA

time4 hours ago

  • CNA

White House unveils artificial intelligence policy plan

WASHINGTON :The White House released an artificial intelligence (AI) policy plan on Wednesday spelling out priorities for the U.S. to achieve "global dominance" in the sector. U.S. President Donald Trump's plan calls for open-source and open-weight AI models to be made freely available by developers for anyone in the world to download and modify. The plan also calls for the Commerce Department to research Chinese AI models for alignment with Chinese Communist Party talking points and censorship. As previously reported by Reuters, it adds the federal government should not allow AI-related federal funding to be directed toward states with "burdensome" regulations.

DOWNLOAD THE APP

Get Started Now: Download the App

Ready to dive into a world of global content with local flavor? Download Daily8 app today from your preferred app store and start exploring.
app-storeplay-store