After Cognizant, another Leading Company attacked by Ransomware! Hackers Leak Data and Threaten Company
Home > News Shots > Business newsAfter Cognizant, IndiaBulls was subjected to a ransomware attack. An India Bull representative confirmed on Tuesday that a data breach happened and stated that an attack on its “peripheral” systems had taken place on Monday. The company also told that the information being leaked was not sensitive.
The ransom- seeking criminals threatened the company that they would expose confidential data if the company does not pay them a ransom within 24 hours. However, the spokesperson told that all data related to its customers are safe.
Once the 24-hour deadline got over, the cyber criminals dumped a trove of sensitive information from IndiaBulls group. According to the private cybersecurity agency who is tracking the attack, the hackers released up to 5 GB of files which included customer identity documents, financial transaction statements and employee details.
As per Hindustan Times’ report, “the leak included scans of customers’ KYC (know your customer) documents such Aadhaar cards, voter ID, PAN cards and passports, employees’ official ID details and phone numbers, and private keys and certificates that can enable access to the IndiaBulls Group banks’ digital services.”
Singapore- based Cyble identified this as a CLOP ransomware attack.
“CL0P ransomware demands generally range from $50,000 to over $1 million – it depends on the target and negotiations,” said the Cyble spokesperson. However, they added that the agency is not aware of the exact ransom amount in this case.
“Their statement is inaccurate as the breach occurred several weeks ago, not on Monday. As you would imagine, it takes time from the initial breach to data exfiltration and extortion. It appears that the management underestimated, or was misguided about the impact and responded inaccurately,” the Cyble spokesperson said.
IndiaBulls is headquartered in Gurugram. It offers financials services which includes housing finance and customer loans.
The exact method of data breach has not been identified but an initial report released by Cyble indicated vulnerabilities in its virtual private network (VPN) system.
OTHER NEWS SHOTS
RELATED NEWS STORIES