Wipro Confirms Major Breach Investigation (Apr 17, 2019)
The Indian IT services giant, “Wipro,” gas announced that they have recently observed suspicious activity in some employee accounts following a phishing campaign targeting users. The company stated that following a comprehensive investigation, they have remediated the incident and attempted to mitigate any impact the breach might have caused. At least eleven or twelve customers of Wipro are affected.
Recommendation: It is important that your company institute policies to educate your employees on phishing attacks. Specifically, how to identify such attacks and whom to contact if a phishing email is identified. Furthermore, maintain policies regarding what kind of requests and information your employees can expect to receive from colleagues and management to assist in identifying potential malicious communications.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.