A police complaint was filed by Tech Mahindra on March 9 alleging a ransomware attack on the Pimpri Chinchwad smart city project servers. According to the complaint, the attackers demanded a bitcoin ransom be paid.
The city’s civic administration has invited software giant Tech Mahindra, one of the companies overseeing the Pimpri Chinchwad Smart City project, to submit a detailed report on a cyber-attack on the project’s servers that occurred on February 26.
“It has been more than 15 days since a ransomware cyberattack happened at ICC data center. Based on the understanding of Tech Mahindra’s solution experts and security experts, kindly submit a detailed report to PCSCL regarding the root cause analysis, impacts observed, probable future impacts, remedial actions in process, tentative delays in project implementation, details of financial losses incurred by M / s Tech Mahindra and any other risk and corrective action to be taken to overcome similar future attacks,” Pimpri Chinchwad Municipal Commissioner Rajesh Patil, who also heads the smart city project, said in a letter to the company. (Credits: TheIndianExpress)
Tech Mahindra filed a complaint with the Nigdi police station on March 9 alleging a ransomware attack on the smart city project’s servers. According to the complaint, the attackers demanded a bitcoin ransom be paid.
The company estimated losses of Rs 5 crore at the outset, but the civic body stated that it would not absorb the losses. In addition, the municipal corporation had said that there was no loss of data in this attack.
Seema Savale who is the BJP corporator and former chairperson of the civic standing committee raised a question upon the company’s version of events, “We suspect that the complaint was filed to claim insurance benefits of Rs 5 crore… the whole episode raises several questions. The civic administration should set the record straight,” Savale had said in a letter sent to the PCMC commissioner.
PCMC commissioner Rajesh Patil wrote in his letter that Tech Mahindra was in breach of its contract, “Tech Mahindra and its consortium partners are selected as system integrators for implementation of the smart city project and its operation for five years. Tech Mahindra and its consortium partners need to adhere to RFP clause. The ransomware attack proves the violation of RFP clauses and contract clauses… We are expecting a reply within three days,” the letter said.
Sujit Baksi, head of APAC business and president, corporate affairs at Tech Mahindra, explained in an earlier statement that the estimated Rs 5 crore loss was due to the cost of making the system more secure, not any material or data theft.
Though the FIR mentions damage of around Rs 5 crore, it is only for rework efforts and not for any material costs or data. Our team is keeping a close eye on the situation and has been working on restoring the environment without touching the infected servers. The affected servers are recoverable, and there is no commercial impact,” the statement reads.