Want to share with your friends too?

Science
16 Apr 2019

#BreachAlert: Wipro's system compromised in phishing attack, customers targeted

Wipro's system compromised in advanced phishing attack

Wipro, one of India's largest IT services providers, is dealing with the situation of a security breach.

The attack, which has now been confirmed by the technology giant, was reported by cybersecurity outlet KerbsOnSecurity on the basis of inputs received from multiple sources.

They have also claimed that some of the company's customers might have been impacted by the intrusion.

Here are the details.

In context

Wipro's system compromised in advanced phishing attack
'Multi-month' intrusion targeted at Wipro customers

Attack

'Multi-month' intrusion targeted at Wipro customers

KerbsOnSecurity cited two anonymous sources to report that Wipro's systems were breached and used as jump-off points to carry out phishing attacks on some of Wipro's clients.

The exact details or the scope of this attack is not clear but the outlet suggested that the attack might have been carried out by a state-sponsored attacker over a period of months.

No word on affected customers

The publication didn't reveal the name of impacted Wipro customers but one of its sources claimed that at least a dozen of the company's clients might have been compromised.

Love Tech news?

Stay updated with the latest happenings.

Notify Me

Confirmation

Wipro initially denied, then confirmed the attack

Initially, Wipro's Head of Communications, Vipin Nair, claimed that the company has robust security systems in place to detect and avoid phishing.

However, when multiple outlets reached out, the company confirmed the breach and noted that it has launched an investigation into the matter and is working on remedial methods to contain the fallout of the attack.

Here's what Wipro said in a statement

"We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign. Upon learning, we promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact," the company said.

What Wipro is doing to tackle the issue

Steps

What Wipro is doing to tackle the issue

Wipro says it has partnered with a well-respected, independent forensic firm to investigate the attack.

Meanwhile, KerbsOnSecurity notes that the company is warning potentially affected customers about the specific "indicators of compromise."

In addition to this, it is also working on a private email network as the corporate email network is also believed to have been breached.

Impact

Wipro's shares plunged after the hacking report

In the wake of the hacking report, Wipro's shares plunged by as much as 3% in the afternoon, closing 2.45% down against the last close, ET reported.

Notably, the company also reported its fourth-quarter (Q4) earnings on the same day.

It posted a consolidated net profit at Rs. 2,483 crore, marking a 37.74% increase over last year's fourth quarter.

Ask NewsBytes
User Image

Most asked questions

How to know if a customer has been affected?

Is Wipro's system secured now?

How many people work at Wipro?

Which companies were affected?

More questions

How to know if a customer has been affected?

Asked 2019-04-16 19:40:03 by Shaurya Chatterjee

Answered by NewsBytes

Apparently, Wipro is notifying customers about indicators of compromise.

Is Wipro's system secured now?

Asked 2019-04-16 19:40:03 by Ishan Mehta

Answered by NewsBytes

The company seems to have fixed the issue now.

How many people work at Wipro?

Asked 2019-04-16 19:40:03 by Chirag Chattopadhyay

Answered by NewsBytes

Wipro has over 170,000 employees catering clients all over the globe.

Which companies were affected?

Asked 2019-04-16 19:40:03 by Rishika Gupta

Answered by NewsBytes

Wipro has not revealed the name of customers impacted from the attack.

Next Timeline