Indian IT outsourcing company Wipro has begun an investigation into a potential breach of employee accounts. It says “a few” were compromised in a sophisticated phishing attack.
The firm noticed “potentially abnormal activity” in some employee accounts, Wipro officials told Reuters in a statement, adding that it hired a forensics firm to help. The probe follows a separate report from KrebsOnSecurity, which cited multiple Wipro sources who claimed attackers broke into Wipro IT systems and leveraged their access to target its customers.
These sources, who requested to remain anonymous, reportedly said Wipro had been affected by a “multimonth intrusion from an assumed state-sponsored attacker.” Its systems served as “jumping-off points” to target 12 or more Wipro clients. Those affected reportedly traced signs of network reconnaissance back to partner systems communicating with the Wipro network.
Wipro, which is due to report fourth-quarter earnings today, says it continues to monitor its network and infrastructure for suspicious activity.