Indian IT outsourcing behemoth Wipro admitted this morning to falling victim to a "sophisticated" phishing attack.
The outfit confirmed to Reuters: "We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign."
Security blogger KrebsonSecurity yesterday cited anonymous sources that claimed the attack on its systems was then used to target at least a dozen Wipro customers.
We asked the IT services giant about these allegations specifically, but it would only comment about what it termed "abnormal activity" in a "few employee accounts", telling The Reg: "Upon learning of the incident, we promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact."
Wipro hands $75m to National Grid US after botched SAP upgradeREAD MORE
The news comes just in time for the company's fourth quarter results due out later today. Analysts are predicting a squeeze on margins and a 1 per cent growth in revenues. This time last year, it reported Q4 revenues of $2.1bn, the bulk of which were derived from its IT services segment. It is also a reseller of desktops, servers, notebooks, storage products, networking solutions and packaged software internationally, which are nested under IT products.
Wipro employs about 160,000 people around the world and its clients include many of the largest companies and public sector organisations.
In the UK it performs IT consulting and outsourcing services for the public sector, energy, utilities and manufacturing from East Kilbride, a developer hub in Edinburgh, and a London HQ. It has contracts with North Lanarkshire and The Highland Council, among others. It has multiple services and infrastructure packages on offer via UK.gov's G-Cloud 10 framework.
Last year the firm had to fork over $75m after a massive SAP upgrade botch at the National Grid in the United States. The firm said in a filing with the Bombay Stock Exchange at the time that the settlement did not mean it had admitted fault. ®
If you know anything more about this, you can drop us a line, in confidence, to firstname.lastname@example.org.