IT outsourcing and consulting giant Wipro is investigating a security breach on its corporate email system which is reported to have been hacked using phishing tools and was then used to launch attacks against some of the company’s own customers, according to a report by cyber-security investigation website KrebsOnSecurity.
The KrebsOnSecurity report said that it was told by two independent sources that Wipro was dealing with a multi-month intrusion from an assumed state-sponsored attacker. Both sources confirmed that Wipro’s systems were used as jumping-off points for digital fishing expeditions targeting at least a dozen Wipro customer systems.
This security breach has been confirmed by Wipro in a statement to the Economic Times, saying, “We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign. Upon learning of the incident, we promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact.”
It added, “We have also retained a well-respected, independent forensic firm to assist us in the investigation. We continue to monitor our enterprise and infrastructure at a heightened level of alertness,” the Wipro statement added. Read: Wipro’s ‘Enemy Shares’ Worth Rs 1,150 Crore Sold by Government of India.
The cyber-security report said the forensic investigation at a Wipro customer said it appears at least 11 other companies associated with the outsourcing firm were attacked, as evidenced from file folders found on the intruders’ back-end infrastructure that were named after various Wipro clients. The security breach has also reportedly led Wipro to construct a completely new private email network because the phishing expedition is thought to have compromised Wipro’s corporate email system.
Wipro is India’s third-largest IT outsourcing company with clients across six continents with Fortune 500 customers in healthcare, banking, communications, and other industries.