[BreachExchange] Another Noida sweets manufacturer attacked by ransomware

Destry Winant destry at riskbasedsecurity.com
Wed Oct 28 10:32:19 EDT 2020


https://www.hindustantimes.com/noida/another-noida-sweets-manufacturer-attacked-by-ransomware/story-EfrJ6P1RGiSkntFwOiLmZM.html

Noida: Merely a month after Haldiram Snacks Private Limited's corporate
office in Noida suffered a ransomware attack, the servers of another
Noida-based sweets manufacturing company were hacked and their data
was encrypted in a different format than that which the company uses.

According to the company, the incident took place on the afternoon of
August 22 at the corporate office of Mithaas sweets in Noida’s Sector
63.

“Our company server was hacked and there was a ransomware implanted
between 3-4pm. All our transactional data was encrypted in a different
format, which was inaccessible to us and became completely useless.
There was a ransomware screen which asked us to contact them on a
particular email id in order to decrypt the data back to the original
format,” said Sumit Chowdhary, director (operations).

He added that when the company contacted their anti-virus provider,
they were advised not to engage with the ransomware.

“They said that the hackers may then be able to hack into our email as
well. So we never replied to the mail. All our data is still there in
the encrypted form. We are hoping that technical experts will be able
to decrypt it eventually,” said Chowdhary.

The company has 12 sweets outlets across the national capital
region, while the main factory and corporate office are located in
Sector 63.

Based on their complaint, a case has been registered at the Phase 3
police station against unidentified hackers under relevant sections of
the Indian Penal Code. Officials said that a police complaint was
submitted by the firm after the incident took place; however, the
matter was probed by the cyber cell before an FIR was registered.

“The cyber cell is investigating the matter and will share the
necessary information with us. They are working on tracing the IP
addresses of the hackers. Once that is done and they are identified,
we will nab them,” said Jitendra Dikshit, station house officer, Phase
3 police station.

On July 13, the servers of Haldiram Snacks were hacked by unidentified
persons and their data was stolen. In exchange, the hackers had
demanded Rs 7.5 lakh to release the information. A case had then been
registered at the Sector 58 police station on October 14.

Police officers said that once the hackers are identified, only then
will they be able to tell if the same group is behind both the
ransomware attacks or not.

