India's third-largest IT outsourcing firm Wipro has confirmed that it is monitoring its systems following reports it was victim to a data breach spanning many months.
A Wipro spokesperson told ZDNet that the company had detected potentially abnormal activity in a few employee accounts on its network. The spokesperson said this was due to an advanced phishing campaign.
"Upon learning of the incident, we promptly began an investigation, identified the affected users, and took remedial steps to contain and mitigate any potential impact," the company said.
"We are leveraging our industry-leading cybersecurity practices and collaborating with our partner ecosystem to collect and monitor advanced threat intelligence for enhancing security posture."
Wipro's spokesperson also said the company has retained an independent forensic firm to assist in the investigation and that it is continuing to monitor its enterprise and infrastructure at a "heightened level of alertness".
As detailed originally by KrebsOnSecurity, citing "trusted sources", Wipro was dealing with a "multi-month intrusion from an assumed state-sponsored attacker".
Although Krebs alleged that the security incident had resulted in attacks being launched against some of the company's customers, Wipro did not say if any customers had been compromised as result of the breach.
Wipro operates in North America, parts of South America, Australia, India, China, South Africa, parts of Europe, and many other locations.
Hacker Gnosticplayers has stolen over 932 million user records from 44 companies.
Analysis of over 360,000 phishing emails reveals some common themes in phoney emails sent to businesses. Don't get caught out by these ones.
Phishing attacks remain rampant and are expected to continue to do so in 2019. Learn an insider's perspective on the difficulties combating them.
CEO fraud group has a big list of potential victims; just hope you aren't on it.
The majority of cyber attacks begin with one simple phishing email. So will it ever be possible to close this door to hackers, once and for all?