Does this company know what "COGNIZANT" means. This news is troubling for two reasons. 1- Cognizant has many large customers. 2 - Maze ransomware is known for data exfiltration and extortion.

https://www.bleepingcomputer.com/news/security/it-services-giant-cognizant-suffers-maze-ransomware-cyber-attack/

Outsourcing important IT Services is not a bad idea but with what's going on recently, shouldn't we also consider a scenario of vendor being taken down by Malware, Ransomware, Breach, etc

. I am excluding big guns like Microsoft, Amazon and Google.


https://threatpost.com/iss-world-hit-with-malware-attack-that-shuts-down-global-computer-network/153109/

Are you scrutinizing your vendor's scurity practices properly - A member of a popular Russian-language cybercrime forum offered to sell access to the internal network of a U.S. government IT contractor that does business with more than 20 federal agencies, including several branches of the military.

In an interview with KrebsOnSecurity, Miracle Systems CEO Sandesh Sharda confirmed that the auction concerned credentials and databases were managed by his company, and that an investigating agent from the Secret Service was in his firm’s offices at that very moment looking into the matter.

Wisconsin-based security firm Hold Security, which alerted KrebsOnSecurity to this incident, indicating that at least eight of its internal systems had been compromised on three separate occasions between November 2018 and July 2019 by Emotet, a malware strain usually distributed via malware-laced email attachments that typically is used to deploy other malicious software.


https://krebsonsecurity.com/2019/09/secret-service-investigates-breach-at-u-s-govt-it-contractor/

Another example that confirm that you business partner/ vendor's security issues can hurt your business

Cybercriminals recently launched a phishing campaign targeting Booking.com customers whose information was illegally obtained, possibly by breaching certain partner hotels

According to a June 3 report from The Sun, users have received WhatsApp and text messages warning them to change their passwords following a supposed security breach. By clicking on the accompanying malicious link, victims are unknowingly giving the adversaries access to their bookings

Booking.com reportedly told the Sun that the information was likely obtained by breaching certain hotels that it works with via a portal website separate from the travel company's main systems.

https://www.scmagazine.com/cybercriminals-phish-bookingcom-customers-after-possibly-breaching-partner-hotels/article/771091/