#BreachAlert: Wipro's system compromised in phishing attack, customers targeted
Wipro, one of India's largest IT services providers, is dealing with the situation of a security breach. The attack, which has now been confirmed by the technology giant, was reported by cybersecurity outlet KerbsOnSecurity on the basis of inputs received from multiple sources. They have also claimed that some of the company's customers might have been impacted by the intrusion. Here are the details.
'Multi-month' intrusion targeted at Wipro customers
KerbsOnSecurity cited two anonymous sources to report that Wipro's systems were breached and used as jump-off points to carry out phishing attacks on some of Wipro's clients. The exact details or the scope of this attack is not clear but the outlet suggested that the attack might have been carried out by a state-sponsored attacker over a period of months.
No word on affected customers
The publication didn't reveal the name of impacted Wipro customers but one of its sources claimed that at least a dozen of the company's clients might have been compromised.
Wipro initially denied, then confirmed the attack
Initially, Wipro's Head of Communications, Vipin Nair, claimed that the company has robust security systems in place to detect and avoid phishing. However, when multiple outlets reached out, the company confirmed the breach and noted that it has launched an investigation into the matter and is working on remedial methods to contain the fallout of the attack.
Here's what Wipro said in a statement
"We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign. Upon learning, we promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact," the company said.
What Wipro is doing to tackle the issue
Wipro says it has partnered with a well-respected, independent forensic firm to investigate the attack. Meanwhile, KerbsOnSecurity notes that the company is warning potentially affected customers about the specific "indicators of compromise." In addition to this, it is also working on a private email network as the corporate email network is also believed to have been breached.
Wipro's shares plunged after the hacking report
In the wake of the hacking report, Wipro's shares plunged by as much as 3% in the afternoon, closing 2.45% down against the last close, ET reported. Notably, the company also reported its fourth-quarter (Q4) earnings on the same day. It posted a consolidated net profit at Rs. 2,483 crore, marking a 37.74% increase over last year's fourth quarter.
