Employee accounts may have been compromised in a sophisticated phishing campaign.
Indian IT outsourcing company Wipro has begun an investigation into a potential breach of employee accounts. It says "a few" were compromised in a sophisticated phishing attack.
The firm noticed "potentially abnormal activity" in some employee accounts, Wipro officials told Reuters in a statement, adding that it hired a forensics firm to help. The probe follows a separate report from KrebsOnSecurity, which cited multiple Wipro sources who claimed attackers broke into Wipro IT systems and leveraged their access to target its customers.
These sources, who requested to remain anonymous, reportedly said Wipro had been affected by a "multimonth intrusion from an assumed state-sponsored attacker." Its systems served as "jumping-off points" to target 12 or more Wipro clients. Those affected reportedly traced signs of network reconnaissance back to partner systems communicating with the Wipro network.
Wipro, which is due to report fourth-quarter earnings today, says it continues to monitor its network and infrastructure for suspicious activity.
Read more details here and here.
Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024