Clorox Sues Cognizant Over $380 Million Cyberattack

Clorox has filed a lawsuit against IT provider Cognizant following a significant 2023 cyberattack. The intrusion, executed by the Scattered Spider group, involved simply requesting passwords from Cognizant's staff. Clorox claims the attack resulted in $380 million in damages, affecting their product shipments.

Devdiscourse News Desk | Updated: 23-07-2025 00:18 IST | Created: 23-07-2025 00:18 IST

Clorox Sues Cognizant Over $380 Million Cyberattack — This image is AI-generated and does not depict any real-life event or location. It is a fictional representation created for illustrative purposes only.

Bleach manufacturing giant Clorox has initiated legal proceedings against information technology provider Cognizant, following a severe cyberattack in 2023. The company alleges that the hack was accomplished by a group known as Scattered Spider, which specializes in extracting sensitive information by deceiving IT help desks.

This attack, according to Clorox's lawsuit filed in California, was not a result of sophisticated techniques. Rather, the perpetrators simply obtained employees' passwords by directly asking for them from Cognizant's support staff. The lawsuit describes an astounding lack of security measures, with hackers successfully bypassing credential checks repeatedly.

The financial fallout from the breach has been substantial, with Clorox reporting $380 million in damages, including $50 million in remedial expenses. The aftermath also saw disruptions in Clorox's product distribution, exacerbated by further procedural failures attributed to Cognizant's personnel.

(With inputs from agencies.)