Hackers attack Haldiram’s servers, demand ₹7.5 lakh
Officials said that the data stolen included financial and employee information, data on payroll, retail sales, purchases, inventory of the company.
Unidentified hackers attacked the servers of Noida-based Haldiram’s Snacks private limited with ransomware, stealing sensitive data and demanding a ransom of ₹7.5 lakh to release the information. A case was registered at Noida Sector 58 police station on Wednesday.
The incident occurred on the intervening night of July 12 and 13 when issues were reported with the company server which later turned out to be ransomware attacks.
According to the complaint filed by the company’s deputy general manager (DGM), IT, technicians were called in after the corporate office located in Noida’s sector 62 was alerted about the problem.
“It was found that the company’s data was being diverted through the cyber attack following which the server connection with other branches was cut off. However, by then, substantial data had already been stolen. By 3 am, the ransomware had spread via the corporate network. A complaint was then raised with a cyber security company but all sensitive data had already been encrypted by the by then,” said DGM, Aziz Khan, in his complaint to Noida cyber cell.
Also read: ‘I’m Modi’s Hanuman, will tear open my chest and show if needed’ - Chirag Paswan
Officials said that the data stolen included financial and employee information, data on payroll, retail sales, purchases, inventory of the company.
“This was a pre-planned conspiracy and the hackers not only stole the data but also tried to extort money in exchange for returning it. They left a message on the servers about the ransomware attack and proposed decrypting and returning the data for a ransom of ₹7.5 lakh,” said the complainant.
Company officials also said that the data theft can lead to losses and has already disrupted the company’s daily functioning. The hackers also deleted the backups from the servers, spelling more trouble for the company. Officials have provided IP addresses, of servers from where the ransomware appeared to have originated, to the police. Aziz did not comment on the situation.
Based on his complaint, a case was registered with the Noida Sector 58 police station under sections 420 (cheating), 384 (extortion) of the Indian Penal Code (IPC) and relevant sections of the Information Technology Act.
A senior police official said that before approaching Noida police, the company had the case investigated on their own and once the complaint was filed, the cyber cell was conducting the probe in the matter.
“The server IDs provided by the company are proxy servers and the hackers were long gone from those addresses. No issues have been reported yet which might indicate that the misuse of data. Work is being done to track the hackers and identify them,” said the official.
Rajesh S, deputy commissioner of police (DCP), zone 1, said that an investigation is still underway.
“We have registered the FIR and cyber cell officials are looking into the case,” said the DCP.