Indiabulls Group on Tuesday confirmed a ransomware attack on their system according to reports.

The cyberattack had first been reported by researchers at cyber intelligence firm Cyble that had said that the Indian Conglomerate had been attacked by CLOP ransomware operators.

The company confirmed that it had been targeted by a cyberattack on June 22 and had had a “minor data breach,” LiveMint reported.

“The current data leak includes snapshots of highly sensitive bank-related documents of the company such as account transaction details, vouchers, letters sent to bank managers, and much more. Below are few snapshots been leaked by the CLOP ransomware operators,” Cyble had said in an official blog post.

However, contrary to the cyber-intelligence firm’s report, Indiabulls said that the information that had been leaked had been non-sensitive information. The company had then restored all its affected systems, LiveMint reported.

According to Cyble, the ransomware attack seems similar to previous attacks made by threat actors such as Maze and Revil. The groups initially gain access to a system using various vulnerabilities, steal information from them and lock the system. These groups then try and extort money and threaten to post the information in retaliation if their demands aren’t meant as per the report.

“They fully understand their victim’s reputational risks, and hence their approach is “steal, lock/encrypt and inform”,” Cyble said.

Indiabulls is currently analysing the incident, trying to map out a cyber footprint to prevent future incidents and has taken stringent actions for the same, the report said.

Related Topics
comment COMMENT NOW