What caused the Clorox $380M hack?

Hackers called Cognizant's service desk, posed as employees, got password and MFA resets without verification. Twice. Ransomware followed.

Why is Clorox suing Cognizant?

Clorox claims Cognizant ignored contract terms for identity checks, handing credentials to criminals on tape. Negligence cost $380M.

Is outsourcing IT service desks safe?

Rarely. High-risk for social engineering. Audit vendors hard or bring it in-house.

🛡️ Security Tools

Clorox Sues Vendor for Coughing Up Passwords in $380M Hack Fiasco

Your Clorox wipes? Out of stock for weeks. Why? Hackers sweet-talked a vendor into handing over network keys. Now Clorox is suing—and it's a wake-up call for every outsourced IT desk.

Threat Digest Apr 02, 2026 4 min read

Clorox factory halted by cyberattack with hacker phone call graphic overlay

⚡ Key Takeaways

Hackers bypassed MFA via simple phone calls to outsourced service desk—no ID verification. 𝕏
Clorox sues Cognizant for negligence, seeking $380M damages after 'devastating' breach. 𝕏
Outsourcing front-door security invites disaster; expect more lawsuits and in-sourcing. 𝕏

Published by

Threat Digest

Threat intelligence. Zero noise.

#Clorox hack #Cognizant lawsuit #ransomware via phone #service desk breach #vishing attack

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by Ars Technica Security

⚡ Key Takeaways

The 60-Second TL;DR

Threat Digest

Share this article

Worth sharing?

Related Stories

Iran's April 1 Deadline Puts Apple, Google in Crosshairs

Chrome's Fifth Zero-Day Patch: Google Races Against Relentless Exploits

IRGC Puts Apple, Google, Tesla on Middle East Hit List for April 1 Attacks

84% of Attacks Hijack Your Own Tools – And You're Still Blind

Stay in the loop