10 Biggest Cyber Attacks on Indian Companies : Check The Full List Here

While many countries in the world have started vaccination and preparing for post-Covid times, it appears that the pandemic has left a huge adverse impact, which will take time to subside completely. 

With this unpredictable COVID-19 situation, organisations and businesses are among the most affected sectors that have faced unimaginable decisions like recession, salary cuts and much more.

 
The pandemic has pushed the organisations and businesses to make changes in their working format by adopting work from home, using digital tools, etc. and hence accelerated the technology adoption. 

As every coin has two sides, the pandemic has also brought up two situations. One is the struggling phase of the businesses to make the ends meet, and the other is the one-in-a-million chance for the cybercriminals to hack and steal crucial data.

ALSO READ: 10 Celebrities Who Were Recently Attacked By The Hackers On Social Media

1. JustDial: The company had a rough time in April when an independent internet security researcher,  Rajshekhar Rajaharia alerted the company to a potential data leak in their servers. The leak didn’t only affect people using the JustDial app or website, but anyone who had called the company’s helpline number between 2015 and 2019. 

Four application programme interfaces (APIs) were left unprotected leaving the names, contact details, and other personally identifiable information out in the open. One of the APIs could even allow hackers to trigger OPT request for any of registered phone numbers.

2. Unacademy Data Breach: One of the Bengaluru-based popular online edtech platforms, Unacademy had suffered a data breach in January 2020. The breach had exposed over 20 million user accounts that included usernames, SHA-256 hashed passwords, date joined, last login date, email addresses, first and last names, and whether the account is active, a staff member, or a superuser and was sold on Dark Web. According to sources, the major data breach was exposed by the US-based cybersecurity firm Cyble. 

3. BigBasket User Data Breach : In October, a popular online grocery shop in India, BigBasket suffered a massive data breach that left data of 20 million users exposed. According to sources, the breach occurred on October 14 and made public on November 7 where personal information of users such as full names, email addresses, date of birth, IP addresses of user devices have been compromised and put up on sale on the dark web for $40,000.

4. Haldiram: Renowned Indian snacks manufacturer Haldiram’s witnessed a ransomware attack by hackers who encrypted all its files, data, applications, and systems. The hackers have demanded a ransom of $7,50,000 for giving access to the stolen data. Though the snack maker filed a complaint to the cyber cell on July 17, the FIR was lodged on October 14.

According to the information, data related to retail sales and inventory, human resources and payroll data and other crucial documents were taken away.

Also Read: Ransomware Attack Cripples Haldiram, Hackers Demand Rs 7.5 Lakh To Unlock Data

5. Dr Reddy’s Laboratories Ltd: India’s second-largest drugmaker- Dr. Reddy’s Laboratories Ltd, was forced to temporarily shut operations at its key plants in the US, the UK, Brazil, India, and Russia after a cyber attack struck its data centre services. The cyber attack took place shortly after Dr. Reddy’s Laboratories announced that it had received approval from the Drugs Controller General of India (DCGI) to conduct clinical trials for Sputnik V vaccine in India.

Also Read: Cyber Attack On Dr Reddy’s Laboratories: Data Centers Isolated, Production Across Plants Shut

6. Dr Lal Path Labs: One of India’s biggest clinical lab testing chains- Dr. Lal Path Labs, was found to have left the data of millions of its customers exposed on an unprotected storage bucket hosted on Amazon Web Services. Whether the data hackers maliciously accessed, stole and sold the data, is not known.

Also Read: Dr Lal PathLabs data leak: Fine up to Rs 5 crore can be imposed as millions of patients at risk

7. Cosmos Bank Cyber Attack in Pune : A recent cyber attack in India 2018 was targeted on Cosmos Bank in Pune. This daring attack shook the whole banking sector of India when hackers stole Rs 94.42 crore from Cosmos Cooperative Bank Ltd. in Pune.
Hackers hacked into the bank’s ATM server and took details of many visas and rupee debit cardholders. Money was wiped off while hacker gangs from around 28 countries immediately withdrew the amount as soon as they were informed. 

  
 8. ATM System Hacked: Around mid-2018, Canara bank ATM servers were targeted in a cyber attack. Almost 20 lakh rupees were wiped off from various bank accounts. Count of 50 victims was estimated and according to the sources, cyber attackers held ATM details of more than 300 users. Hackers used skimming devices to steal information from debit cardholders. Transactions made from stolen details amounted from Rs 10,000 to the maximum amount of Rs. 40,000. 

9. State Bank Of India: India’s largest bank, the State Bank of India (SBI), left one of its servers unprotected which exposed the data of its 422 million customers. Situated in Mumbai, the server contained partial bank account numbers, bank balances and phones of individual using the bank’s SBI Quick service.  TechCrunch’s investigation revealed that the back-end text message system was left unprotected allowing anyone to track text messages coming in and going out in real-time. On a single day, SBI Quick sends out nearly three million text messages — and database archive had messages dating back to December 2018.

10. Kudankulam Nuclear Power Plant (KKNPP) and ISRO hacked: India’s largest nuclear power plant and the country’s central space agency were hacked in September. Malware was installed on computers at the Kundankulam Nuclear Power Plant (KKNPP) and the Indian Space Research Organisation (ISRO) — and all it took was one click on the wrong type of link. The National Power Co-operation of India (NPCI) initially denied all reports of their systems being compromised before admitting that one of the computers may have been sabotaged. They added that the breach was restricted to the plant’s administrative network, which is separate from the operational network and system.
ISRO was hacked right before the launch of Chandrayaan-2 — India’s second mission to the Moon, which ended with its lander crashing onto the lunar surface. But the agency told Quint that the malware did not affect any of their systems.