[BreachExchange] Indian outsourcing giant Wipro confirms flushing phishers from systems
Destry Winant
destry at riskbasedsecurity.com
Tue Apr 16 09:25:59 EDT 2019
https://www.theregister.co.uk/2019/04/16/wipro_confirms_flushing_phishers_from_systems/
Indian IT outsourcing behemoth Wipro admitted this morning to falling
victim to a "sophisticated" phishing attack.
The outfit confirmed to Reuters: "We detected a potentially abnormal
activity in a few employee accounts on our network due to an advanced
phishing campaign."
Security blogger KrebsonSecurity yesterday cited anonymous sources
that claimed the attack on its systems was then used to target at
least a dozen Wipro customers.
We asked the IT services giant about these allegations specifically,
but it would only comment about what it termed "abnormal activity" in
a "few employee accounts", telling The Reg: "Upon learning of the
incident, we promptly began an investigation, identified the affected
users and took remedial steps to contain and mitigate any potential
impact."
The news comes just in time for the company's fourth quarter results
due out later today. Analysts are predicting a squeeze on margins and
a 1 per cent growth in revenues. This time last year, it reported Q4
revenues of $2.1bn, the bulk of which were derived from its IT
services segment. It is also a reseller of desktops, servers,
notebooks, storage products, networking solutions and packaged
software internationally, which are nested under IT products.
Wipro employs about 160,000 people around the world and its clients
include many of the largest companies and public sector organisations.
In the UK it performs IT consulting and outsourcing services for the
public sector, energy, utilities and manufacturing from East Kilbride,
a developer hub in Edinburgh, and a London HQ. It has contracts with
North Lanarkshire and The Highland Council, among others. It has
multiple services and infrastructure packages on offer via UK.gov's
G-Cloud 10 framework.
Last year the firm had to fork over $75m after a massive SAP upgrade
botch at the National Grid in the United States. The firm said in a
filing with the Bombay Stock Exchange at the time that the settlement
did not mean it had admitted fault.
More information about the BreachExchange
mailing list