Wipro IT Outsourcing Company Admits Breach Following Media Pressure

  • Wipro admits IT systems breach, claims that phishing actors compromised a few of their employee accounts.
  • Different sources, however, report that the incident is far more severe and that the attackers had long-term access to Wipro’s network.
  • This comes in a troublesome period for the company’s business, as well as during security system policy transitions.

Wipro Ltd, the Indian IT consulting and business process services provider has succumbed to the media pressure and admitted that the rumored breach is indeed real. KrebsonSecurity was the first to report that Wipro is in the midst of an internal investigation, following a hacking incident that targeted their IT systems. Wipro preferred to stay silent on the matter for more than 24 hours, but they have finally released an acknowledging statement. According to it, they detected abnormal activity on their network last week, and this is now attributed to the actions of phishing actors who targeted a few of their employees.

Wipro justifies the relative tardiness in their official response by highlighting the number of security incidents that they are called to investigate on a yearly basis, which reaches a number of 4.8 million. The company states that they have employed a well-respected independent forensic firm to assist them in the investigation, and since no further details were disclosed yet, we will deduce that it’s still ongoing. However, KrebsonSecurity who revealed the incident, talk about a large-scale problem that goes well beyond the allegations made by Wipro about the compromise of the accounts of a few employees.

According to unconfirmed sources, there appear to be at least another 11 companies that were attacked in the same context. When tracing back the attacks, they were all pointed to Wipro’s network. As it seems, the attackers compromised it and leveraged its infrastructure to conduct their activities. It is also rumored that the malicious actors have had access to the Wipro’s corporate email systems for quite some time already and that the company is in the process of setting up a new private email network from scratch.

Wipro has already been going through hard times since last year, having large-scale projects in Nebraska getting canceled in the middle of the work and paying $75 million lawsuit settlement to the US National Grid who received a poorly constructed SAP from the IT company in 2018. With the company having presence all around the world, the damage from this incident could be global, affecting even Fortune 500 companies. Right now, Wipro is consulting their customers about the indicators of compromise, and since the investigation is still ongoing, nothing else can be presumed.

In February, Wipro’s new Chief Information Security Officer, Sridhar Govardhan, shared his view on what he called a “friction-less security approach”. This is basically maintaining adequately robust security on all operational levels while at the same time taking away the things that slow down a business. Smart deployment of protection measures only where and when needed is definitely a business-enabler, but in the process of implementing their friction-less security, Wipro may have made a serious mistake.

How do you see the story above? Share your views in the comments below, and also on our socials, on Facebook and Twitter.

REVIEW OVERVIEW

Recent Articles

Apple Is Working on Transparent Glass Keyboard Caps

Apple could introduce glass keycaps that display stuff from LEDs that reside underneath. These keys could change form and function as needed,...

How to Watch the ‘2020 Austrian Grand Prix’ Online – Live Stream F1

Formula 1 is finally back on the racetrack, and we are excited to start watching The Event online. Now that the F1 season is...

Offline Viewing Finally Lands on Amazon’s Windows 10 Prime Video App

The Windows 10 Amazon Prime Video app now allows local downloads for offline viewing. The app is enabling users to access over...

Brazilian Electric Power Company Extorted by REvil Ransomware Actors

“Light S.A.,” a Brazilian energy producer and distributor, has fallen victim to a REvil ransomware attack. The actors are demanding the payment...

Costa Tsaousis, Netdata: We Build Free Software to Put End-Users First

After working in the tech industry for many decades, Costa Tsaousis was annoyed that network monitoring tools simply were not "seeing" everything they should...