Wipro Ltd said a cyber attack on few of its employ accounts has not impacted its critical business operations and the firm has taken remedial measures. In a regulatory filing, the company said it became aware of potentially abnormal activity within its network about 10 days back in respect of few of its employee accounts, who were “subjected to an advanced phishing campaign”.
It also informed the handful of customers where the affected employees are engaged.
“Upon learning of the above, the company promptly kicked off its standard operating procedure for addressing such incidents. We began investigating the incident, identified and isolated the employee accounts which were impacted, took remedial steps to contain the incident and mitigate any potential effects of the incident,” Wipro said.
“We would like to clarify that the incident did not impact the company’s ongoing critical business operations,” it said.
“Like any large enterprise, the company investigates over 4.8 million alerts in a year,” Wipro said without elaborating on what its investigation had revealed and published on news.
Cybersecurity blog KrebsOnSecurity had previously stated Wipro’s systems had been breached and were being used to launch attacks against some of its clients.
Wipro said it has used its industry-leading cybersecurity practices and partner ecosystem for remedial steps and has shared this intelligence with its partners to develop the AntiVirus signatures.
“The same has been applied to our enterprise systems. We are collaborating with our partner ecosystem to collect and monitor advanced threat intelligence for enhancing our security posture. We continue to monitor our enterprise infrastructure at a heightened level of alertness,” it said.