Wipro confirms phishing attack on its system — 11 other companies unknown
- Wipro Ltd , an Indian information technology company, confirms that its computer systems were breached by a phishing attack — and so were the systems of 11 other companies.
- The company has since quarantined the compromised systems and launched an independent forensics survey.
- Wipro Ltd denies having known about the breach from months claiming that system alerts only go back one week.
India is one of the most targeted countries when it comes to phishing attacks and Wipro Ltd, a Indian information technology company, was its latest victim. According to a report by KrebsOnSecurity, a phishing attacks on Wipro Ltd’s computer systems used employee accounts to again access to customer information.
And, at least 11 other companies were attacked as well according to evidence found in file folders on the back-end infrastructure of the intrusion. But, the exact objective of the attacks is still unclear.
We identified and isolated those employee accounts, and already took remedies; we have also shared intelligence with partners for preventing such incidents. We also informed a handful of our customers, as a standard practice. We will continue to monitor our infrastructure.
Wipro Ltd system were apparently being used as ‘jumping-off’ points for digital fishing expeditions gaining access to Wipro Ltd systems. The employees of those systems have since been quarantined and Wipro Ltd claims that the malware attack should not have any ‘material impact’ on its financials.
To know or not to know?
KrebsOnSecurity asserts that the phishing attack was a multi-month process from a state-sponsored attackers. Wirpo’s COO Bhanumurthy BM, on the other hand, claims that the alerts were only detected a week ago.
These alerts were detects a week ago and not months ago.. Any large enterprise will monitor these events and also investigate. In a year, we investigate about 4.8 million such threats.
KrebsOnSecurity speculates that the development along with the $75 million settlement to National Grid US after a botched systems applications and products in data processing (SAP) upgrade and cancelling of its Medicaid enrollment system contract with the US state of Nebraska, may have had something to do with the phishing attack.
The 11 most sophisticated online scams right now that the average person falls for
Facebook is asking some new users for their email passwords and appears to be harvesting their contacts without consent