Noida based Haldiram’s Snacks’ servers have been affected by unidentified hackers using ransomware. Data stolen include financial and employee information, data on payroll, retail sales, purchases, and inventory of the company. The hackers have demanded a ransom of Rs. 7.5 lakh, otherwise threatened to make the information public. A case was registered at the police station in Noida Sector 58 on Wednesday.
This incident took place at night between July 12 and 13, when issues were reported with the company servers. Later, it was detected to be nothing less than ransomware attacks. The complaints filed by the company’s deputy general manager (DMG) states that IT technicians were called in as soon as the corporate office in Noida sector 62 became aware of the problem.
In his complaint, DMG Aziz Khan says, “It was found that the company’s data was being diverted through the cyberattack following which the server connection with other branches was cut off. However, by then, substantial data had already been stolen. By 3 am, the ransomware had spread via the corporate network. A complaint was then raised with a cybersecurity company but all sensitive data had already been encrypted by the by then.”
“This was a pre-planned conspiracy and the hackers not only stole the data but also tried to extort money in exchange for returning it. They left a message on the servers about the ransomware attack and proposed decrypting and returning the data for a ransom of Rs 7.5 lakh,” he continued.
According to company officials, this incident of data theft can mean great loss and has already disrupted the daily working of the company. Having deleted even the backup from the servers, the hackers caused a great deal of nuisance to the company. Officials have provided IP addresses of servers, from where the ransomware seems to have originated, to the police, but Aziz did not comment on the situation.
Based on the complaints by Aziz, a case has been registered with the Noida Sector 58 police station under sections 420 (cheating), 384 (extortion) of the Indian Penal Code (IPC) and relevant sections of the Information Technology Act. The company had the case investigated privately before filing the complaint, according to a senior police official. Once the case was filed, the cyber cell had started probing into the matter.
The official said that server IDs that had been provided, were proxy servers, and by the time they could be traced back, the hackers were long gone. “No issues have been reported yet which might indicate that the misuse of data. Work is being done to track the hackers and identify them,” said the official.
Rajesh S, the deputy commissioner of police, zone 1, said that an investigation is still underway, “We have registered the FIR and cyber cell officials are looking into the case.”