Breach of employee accounts will not have any effect on Wipro's financials: COO

Bengaluru: The breach of few employee accounts will not have any "effect" on financials of the company, Wipro COO B M Bhanumurthy said on Tuesday.

The IT major said a few of its employee accounts had been affected by an "advanced phishing campaign", and it has taken remedial steps - including retaining an independent forensic firm - to contain and mitigate any potential impact.

Cybersecurity blog KrebsOnSecurity had said Wipro's systems had been breached and were being used to launch attacks against some of its clients.

"Most of the large enterprises face attacks now and then. There are bad players who continuously try phishing to get into our environment. Thereafter, we have to detect them; disable the connection from wherever it is coming from. If it is coming from a bad IP address, we have to act against it," Bhanumurthy said when asked if the breach will have any impact on the financials of the company.

"All enterprises take precautions on cyberattacks directed, especially on their customers and partners. So, we don't see any impact on the financials of our company," he added.

Upon learning of the incident, Wipro promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact, Bhanumurthy said.

Wipro also retained an independent forensic firm to assist the company in its investigation.

Asked if there could be legal ramifications from the breach, Wipro CEO Abidali Z Neemuchwala answered in the negative.

"...as part of standard protocol, we inform those customers, make sure there is no impact on them. So between the chief information security officer of Wipro and those customers, there are regular conversation which happen and the industry works together in a cooperative manner because bad actors continue to try to attack various enterprises," he said.

Neemuchwala said the alert was detected about a week ago and Wipro has informed the "handful customers" with whom it believes the said employees of Wipro were associated.

KrebsOnSecurity, in its blog, had cited sources to state that Wipro was "dealing with a multi-month intrusion from an assumed state-sponsored attacker" and that Wipro's systems were seen being used as jumping-off points for digital phishing expeditions targeting at least a dozen Wipro customer systems.

Asked to throw some more light on the company dealing with a multi-month intrusion from an assumed state-sponsored attacker, Bhanumurthy said the company cannot comment on KrebsOnSecurity's blog.

"We cannot comment on somebody else's blog. We have no knowledge on what others have written," he said.

Bhanumurthy also said that the company is leveraging its cyber-security practices and collaborating with its partner ecosystem to collect and monitor advanced threat intelligence for enhancing security posture.

"We have also retained a well-respected, independent forensic firm to assist us in the investigation. We continue to monitor our enterprise and infrastructure at a heightened level of alertness," he said.