Sometimes a corporation has a specific type of legal year in which lawsuits begin to come in clusters rather than one at a time. This is one of those years for Cognizant, the massive IT services company with its headquarters in Teaneck that built much of its business serving Fortune 500 American corporations. The Clorox Company’s $380 million lawsuit in California state court in July 2025 is the most well-known of the cases.
However, the company also has to deal with a $8.4 million jury verdict in a discrimination case, a federal class action that discovered a pattern of discriminatory hiring practices affecting over 2,000 employees, a rival Infosys counterclaim in Texas federal court, and numerous wage and hour lawsuits that have been quietly reaching settlements for years. Investors would be interested in each of these situations separately. When combined, they paint a picture of a business whose development strategy is being examined by the legal system in ways that are difficult to ignore.
Due in part to the fact that the fundamental facts of the Clorox case read almost like a cautionary tale created especially for corporate cybersecurity training programs, it has garnered the most public attention. To put it simply, this is the accusation. Under a long-term services agreement, Clorox has contracted with Cognizant to handle a large percentage of its end-user support and IT helpdesk operations.
Cybercriminals attacked Clorox in 2023, but they used no complex technical vulnerability to get past the company’s defenses. They just pretended to be Clorox workers and called the Cognizant-staffed help desk to request that multi-factor authentication codes be disabled and network passwords be reset. The lawsuit claims that Cognizant’s helpdesk employees disregarded the verification processes meant to stop this specific type of social engineering attempt. Then, using the credentials they had been given over the phone, the crooks entered Clorox’s network through the front entrance.
There were severe repercussions for Clorox. The company’s systems were unavailable for weeks due to the ensuing ransomware attack. Several manufacturing facilities experienced disruptions in their supply chains. Basic Clorox items were in short supply for retail consumers during the second half of 2023. When accounting for missed sales, cleanup expenses, and the operational interruption that persisted long after the first breach, the lawsuit’s alleged total financial harm approached $300 million. In circumstances of professional negligence by a contractual service provider, California law permits both direct losses and broader categories of damages, which are included in the $380 million damages number.
Cognizant has responded with vigor. In a counterclaim, the company claimed that Clorox’s internal cybersecurity infrastructure was “inept” and that even if the helpdesk verification procedure had been followed exactly, an attacker would have eventually gained access to the network. That defense is a legitimate legal tactic. Additionally, it is rather unsettling for the larger IT services sector since it subtly raises questions about how much real security responsibility actually rests with the service providers as opposed to the client businesses who employ them. At the very least, the case is likely to generate helpful contract law precedent about the actual distribution of legal liability between vendor and client in IT outsourcing agreements.
In certain respects, the discrimination cases against Cognizant are more detrimental to the company than they are to its business. In 2025, a Manhattan jury granted $8.4 million to a former executive who claimed the corporation had treated him unfairly. The ramifications of a late-2024 class action finding that concluded Cognizant had engaged in a pattern or practice of intentional discrimination outweigh that verdict, notwithstanding its size.
The lawsuit claimed that the corporation often fired non-South Asian and non-Indian workers in favor of South Asian contractors hired under employment agreements authorized by visas. The practice was found to have an impact on over 2,000 employees. The general legal assumption was that Cognizant had violated federal employment discrimination statute by using its visa-dependent workforce to displace American workers.
The Cognizant discrimination cases are part of a broader trend that has been occurring among the main IT services companies with Indian headquarters or affiliations. Similar actions have been brought against Tata Consultancy Services, Wipro, and Infosys in recent years, with varying outcomes in court. The cases revolve around complex issues of contractor versus employee status, visa programs, and the influence of cultural preferences on hiring decisions made by managers who frequently belong to the same national origin community as the employees they are hiring. None of these problems are easily resolved in court, and the decisions made thus far have differed significantly depending on the particulars of each case.
Although it is arguably the most technically technical of the lawsuits, the Infosys counterclaim filed in Texas federal court provides insight into the current level of competition in the IT services sector. Cognizant was accused by Infosys of engaging in anti-competitive conduct through aggressive talent poaching, including the use of proprietary information and non-competitive offers to entice away Infosys staff working on certain client accounts. The case is a part of a larger trend in which the two businesses have frequently contended over contracts and staff, frequently through legal actions rather than the more common industry methods of competitive bidding.
Over the past few years, groups of Cognizant employees have filed wage and hour lawsuits in multiple federal jurisdictions, which have resulted in settlements totaling millions of dollars. Legal theories in those instances typically center on claims that the business underpaid workers in violation of federal wage rules, misclassified employees, or neglected to pay overtime. Not a single settlement has been big enough to garner significant coverage in the business press. On the other hand, the cumulative effect is substantial. A baseline assumption of legal exposure from its labor abuses, which rivals with better records do not have to bear, has been incorporated into the company’s operating costs.
