top of page

Les Blogs

Actu
Les Brèves
Cyber
Technologie
IA
En Entreprise
 

The Infosys McCamish Cyberattack: A Dive into Digital Chaos

  • Writer: N.J
    N.J
  • Mar 17
  • 3 min read

Imagine this… Your company is thriving, clients trust you, your systems run smoothly. Then, one morning, it all collapses. Your servers are encrypted, your data is held hostage, and millions of users are affected.

That’s exactly what happened to Infosys McCamish Systems (IMS) in November 2023. A LockBit ransomware attack, millions of stolen customer records, lawsuits flooding in… and a $17.5 million settlement to clean up the mess.

Buckle up—let’s dive into the full story.


🚨 The Attack: A Four-Day Disaster Unfolds

On October 29, 2023, cybercriminals silently infiltrated Infosys McCamish’s network. For four days, they navigated through the systems, copied confidential files, and prepared their move.

Then, on November 2—BOOM.

Servers were encrypted, key systems went offline, and thousands of devices were locked. Pure chaos.

And guess who claimed responsibility on November 4? LockBit, one of the most feared ransomware gangs. Their signature move? Steal first, encrypt later, then demand a ransom.


🕵️‍♂️ Who is LockBit?

LockBit is the digital equivalent of an international bank robbery gang. Active since 2019, they’ve taken down organizations worldwide.

Their double-threat strategy makes them deadly:

  1. They encrypt all your files with a secret key, bringing operations to a halt.

  2. They steal your data and threaten to publish or sell it if you don’t pay up.

A perfectly ruthless business model where the only winner is LockBit.


🔬 Technical Breakdown (For the Geeks and Security Experts)

For the tech-savvy minds, here’s how LockBit executed the attack against Infosys McCamish:

  • Entry Point: Leaked employee credentials were already circulating on the dark web, and unsecured SSH access gave hackers an easy way in.

  • Lateral Movement: Once inside, hackers moved across the network, exploiting overly broad permissions and poorly segmented systems.

  • File Encryption: The attack affected over 2,000 servers and workstations, crippling the company’s operations.

  • Data Exfiltration: Between October 29 and November 2, hackers silently extracted terabytes of data before deploying the ransomware.

The worst part? Infosys didn’t detect a thing until everything was encrypted.


🎭 The Fallout: Millions Affected, Businesses Shaken

The impact of the attack was massive:

  • Over 6 million people had their Social Security numbers, banking details, medical records, and passwords stolen.

  • Big-name clients affected, including T. Rowe Price, New York Life, and Bank of America.

  • An estimated $30 million loss for Infosys McCamish, not including reputational damage.

  • Service disruptions lasting weeks, delaying critical business functions.


⚖️ The Legal Storm: Victims Demand Justice

After the breach, thousands of affected customers discovered their personal data was in the wrong hands. Lawsuits quickly followed.

The plaintiffs argued:

  1. Infosys failed to secure its customers' sensitive data.

  2. It was slow to detect and respond to the breach.

  3. Victims now face heightened risks of identity theft and fraud.

They sought compensation for damages, including costs to protect their identities and recover from potential fraud. The case escalated into a massive class-action lawsuit.


💰 The Settlement: $17.5 Million to Move On

Under mounting pressure, Infosys opted to settle instead of going to trial. On March 13, 2025, an agreement was reached: $17.5 million would be paid to the victims.

No admission of wrongdoing – Infosys avoided formally accepting blame but agreed to pay to close the case.✅ Victims received compensation (though relatively small, given the huge number of affected individuals).✅ End of the story? Not quite. Infosys had to overhaul its cybersecurity measures to reassure its clients.


🔚 Final Takeaway: A Wake-Up Call for Everyone

This case serves as a textbook example of modern cyberattacks:

  • Ransomware is no longer just about encryption. Hackers now steal data first, then ransom it.

  • Poor security can cost millions. One weak access point is enough to bring down an entire business.

  • Victims won’t stay silent. Data breaches lead to lawsuits and heavy financial repercussions.

Infosys had to pay up, rebuild, and regain trust. But one thing is clear: no business can afford to ignore cybersecurity.

bottom of page