MUMBAI: US-based cybersecurity research firm Cyble reported on Tuesday that internal documents of Defence PSU, BEML (Bharat Earth Movers Limited) have been leaked on marketplaces in the dark web. The actual leak of the documents took place on May 25, according to Cyble.
BEML said the Indian Computer Emergency Response Team (Cert-In) alerted it to the breach on June 3 and an internal review showed that the information allegedly leaked was “non-classified and has no adverse impact” on the company.
The firm suspects that a hacktivist or a Pakistan-based threat actor called ‘R3dr0x’ has targeted the website and leaked sensitive data files and email accounts and password of seven employees. The leaked files were downloaded from email accounts of the seven employees and a text file was also leaked detailing the employees’ internal email addresses and login passwords.
“Based on the leak itself, it appears to be an act of a hacktivist or politically motivated. At this point, we have no technical evidence suggesting that the attack originated from a neighbouring or non-friendly country; however, the circumstantial pieces (actor’s message, password combinations) suggests it to be likely the case,” the firm said.
The Bengaluru-based BEML, which manufactures heavy equipment for the construction, power, irrigation, fertiliser, cement, steel and rail sectors, said it had formed a high-level committee to investigate the breach.
“As an immediate measure we have deactivated the suspected e-mail ids, all computing devices used to access these e-mails have been quarantined from the business network, an internal analysis of logs have been carried out and data has been secured for further forensic Cyber Audit," a BEML spokesperson said in response to ET’s queries over email.
Computing devices used for internet access at remote locations have also been segregated from the business network, the spokesperson said.
BEML said the Indian Computer Emergency Response Team (Cert-In) alerted it to the breach on June 3 and an internal review showed that the information allegedly leaked was “non-classified and has no adverse impact” on the company.
The firm suspects that a hacktivist or a Pakistan-based threat actor called ‘R3dr0x’ has targeted the website and leaked sensitive data files and email accounts and password of seven employees. The leaked files were downloaded from email accounts of the seven employees and a text file was also leaked detailing the employees’ internal email addresses and login passwords.
“Based on the leak itself, it appears to be an act of a hacktivist or politically motivated. At this point, we have no technical evidence suggesting that the attack originated from a neighbouring or non-friendly country; however, the circumstantial pieces (actor’s message, password combinations) suggests it to be likely the case,” the firm said.
The Bengaluru-based BEML, which manufactures heavy equipment for the construction, power, irrigation, fertiliser, cement, steel and rail sectors, said it had formed a high-level committee to investigate the breach.
“As an immediate measure we have deactivated the suspected e-mail ids, all computing devices used to access these e-mails have been quarantined from the business network, an internal analysis of logs have been carried out and data has been secured for further forensic Cyber Audit," a BEML spokesperson said in response to ET’s queries over email.
Computing devices used for internet access at remote locations have also been segregated from the business network, the spokesperson said.
(Catch all the Business News, Breaking News, Budget 2024 News, Budget 2024 Live Coverage, Events and Latest News Updates on The Economic Times.)
...moreDownload The Economic Times News App to get Daily Market Updates & Live Business News.
Subscribe to The Economic Times Prime and read the ET ePaper online.
(Catch all the Business News, Breaking News, Budget 2024 News, Budget 2024 Live Coverage, Events and Latest News Updates on The Economic Times.)
...moreDownload The Economic Times News App to get Daily Market Updates & Live Business News.
Subscribe to The Economic Times Prime and read the ET ePaper online.
Get Unlimited Access to The Economic Times
