Wipro confirms internal investigation following claims the IT giant was breached

The company told ZDNet it is continuing to monitor its enterprise after reports that the Indian IT outsourcing firm was dealing with a 'multi-month intrusion'.

screenshot-2019-01-14-at-10-59-58.png

India's third-largest IT outsourcing firm Wipro has confirmed that it is monitoring its systems following reports it was victim to a data breach spanning many months.

A Wipro spokesperson told ZDNet that the company had detected potentially abnormal activity in a few employee accounts on its network. The spokesperson said this was due to an advanced phishing campaign.

"Upon learning of the incident, we promptly began an investigation, identified the affected users, and took remedial steps to contain and mitigate any potential impact," the company said.

"We are leveraging our industry-leading cybersecurity practices and collaborating with our partner ecosystem to collect and monitor advanced threat intelligence for enhancing security posture."

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic) 

Wipro's spokesperson also said the company has retained an independent forensic firm to assist in the investigation and that it is continuing to monitor its enterprise and infrastructure at a "heightened level of alertness". 

As detailed originally by KrebsOnSecurity, citing "trusted sources", Wipro was dealing with a "multi-month intrusion from an assumed state-sponsored attacker".

Although Krebs alleged that the security incident had resulted in attacks being launched against some of the company's customers, Wipro did not say if any customers had been compromised as result of the breach.

Wipro operates in North America, parts of South America, Australia, India, China, South Africa, parts of Europe, and many other locations.

RELATED

A hacker has dumped nearly one billion user records over the past two months

Hacker Gnosticplayers has stolen over 932 million user records from 44 companies.

These are the 12 most common phishing email subject lines cyber criminals use to fool you

Analysis of over 360,000 phishing emails reveals some common themes in phoney emails sent to businesses. Don't get caught out by these ones.

The challenges with preventing phishing attacks: An insider's perspective (TechRepublic)

Phishing attacks remain rampant and are expected to continue to do so in 2019. Learn an insider's perspective on the difficulties combating them.

This phishing scam group built a list of 50,000 execs to target

CEO fraud group has a big list of potential victims; just hope you aren't on it.

Phishing attacks: Why is email still such an easy target for hackers?

The majority of cyber attacks begin with one simple phishing email. So will it ever be possible to close this door to hackers, once and for all?