Wipro has clarified that the recent phishing attack it encountered will not have any material impact on the company’s financials or clients.
The company said on Tuesday it was investigating an advanced phishing attack that had affected some employee accounts and customers, causing it to release a security patch instantly and conduct a forensic investigation by its partner network into the intrusion.
E-mails of some of the employees were hacked and Wipro had to quarantine them and trigger a security protocol, including password change.
As per security blog KrebsOnSecurity, Wipro’s systems were seen being used as jumping-off points for digital phishing expeditions targeting at least a dozen Wipro customer systems.
Wipro customers traced malicious and suspicious network reconnaissance activity back to partner systems that were communicating directly with Wipro’s network, the blog said.
However, Wipro rubbished the claim of the blog that this was a multi-month intrusion from an assumed state-sponsored attacker.
“The alerts were detected a week ago and not months ago. We came to know about a potential abnormal activity in our network and this was related to a few employee accounts. These accounts were subject to advanced phishing activity. In a year, we investigate some 4.8 million malware alerts and this is common in all enterprises,” said Wipro COO Bhanumurthy BM.
