Mumbai, April 23: IT outsourcing and consulting giant Wipro is investigating a security breach on its corporate email system which is reported to have been hacked using phishing tools and was then used to launch attacks against some of the company’s own customers, according to a report by cyber-security investigation website KrebsOnSecurity.
The KrebsOnSecurity report said that it was told by two independent sources that Wipro was dealing with a multi-month intrusion from an assumed state-sponsored attacker. Both sources confirmed that Wipro’s systems were used as jumping-off points for digital fishing expeditions targeting at least a dozen Wipro customer systems.
Exclusive: Multiple sources now say Indian IT outsourcing giant @Wipro is in the throes of dealing with a months-long breach in which intruders were seen using the company's networks to attack and probe customer systems https://t.co/02WkdkU0UE pic.twitter.com/ptOxylwJ4KAlso Read | JustDial Data Breach: 100 Million Users' Personal Details Compromised; Company Says Sensitive Information Protected
— briankrebs (@briankrebs) April 15, 2019
This security breach has been confirmed by Wipro in a statement to the Economic Times, saying, “We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign. Upon learning of the incident, we promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact.”
It added, “We have also retained a well-respected, independent forensic firm to assist us in the investigation. We continue to monitor our enterprise and infrastructure at a heightened level of alertness,” the Wipro statement added. Read: Wipro's 'Enemy Shares' Worth Rs 1,150 Crore Sold by Government of India
The cyber-security report said the forensic investigation at a Wipro customer said it appears at least 11 other companies associated with the outsourcing firm were attacked, as evidenced from file folders found on the intruders’ back-end infrastructure that were named after various Wipro clients. The security breach has also reportedly led Wipro to constructing a completely new private email network because the phishing expedition is thought to have compromised Wipro’s corporate email system. Read: Do You Use '123456' or 'Qwerty' As Your Passwords? World's Most Hacked Passwords Released; Is Yours on the List?
Wipro is India’s third-largest IT outsourcing company with clients across six continents with Fortune 500 customers in healthcare, banking, communications and other industries.