Wipro, one of India's largest IT outsourcing and consulting companies, has been used as a weapon against its own customers, security researchers are saying.
Apparently an unknown, possibly state-sponsored attacker, has breached Wipro's networks months ago, and then used it to conduct phishing attacks against Wipro's clients.
Wipro has many customers, some of which belong to the Fortune 500. These companies come from various verticals from healthcare, banking, to communications and other industries. It recently passed $8 billion in annual IT services revenue.
Given that Wipro's email has been compromised, the researchers are claiming that the company is now in the process of building an entirely new private email network. The company is also notifying its clients of potential “indicators of compromise” which could help its customers to detect if they’re being targeted.
Wipro has conducted its forensic analysis and one of the conclusions is that it wasn’t the only company that was attacked. Apparently, a total of 11 companies were under assault. It’s not giving away any names, but it did say that it found evidence from file folders found on the intruders’ back-end infrastructure.
“We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign. Upon learning of the incident, we promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact,” Wipro Ltd said in a statement to ET.
Image source: Shutterstock/wk1003mike