india

Updated: Apr 17, 2019 00:16 IST

Information technology company Wipro on Tuesday said a few of its employee accounts were affected in an “advanced phishing campaign”, and the company has taken remedial steps to contain and mitigate any potential impact.

The Bengaluru-based company, which also announced its fourth-quarter results on Tuesday, said it has also retained an independent forensic firm to assist the company in its investigation of the matter.

Cybersecurity blog KrebsOnSecurity had said that Wipro’s systems had been breached and were being used to launch attacks against some of its clients.

“We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign,” Wipro said in an emailed statement.

Upon learning of the incident, Wipro promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact, it added.

Wipro pointed out that it is leveraging its cyber-security practices and collaborating with its partner ecosystem to collect and monitor advanced threat intelligence for enhancing security posture.

“We have also retained a well-respected, independent forensic firm to assist us in the investigation. We continue to monitor our enterprise and infrastructure at a heightened level of alertness,” it added.

KrebsOnSecurity cited people familiar with the matter to state that Wipro was “dealing with a multi-month intrusion from an assumed state-sponsored attacker” and that Wipro’s systems were seen being used as jumping-off points for digital fishing expeditions targeting at least a dozen Wipro customer systems.

Larger rivals Tata Consultancy Services Ltd and Infosys Ltd kicked off the Indian corporate results season on Friday.

Reuters contributed to this story.