In a wave of cyberattacks targeting Indian businesses, a Bengaluru-based company, Whiteboard Technologies Pvt Ltd, has reported falling victim to a ransomware attack. The attackers have demanded a ransom of up to $70,000 (approximately ₹60.26 lakh) to restore access to the firm’s encrypted files and prevent the release of stolen data.
The breach occurred on March 31 between 4:23 PM and 5 PM and was reported to authorities on April 7 after internal verification of the attack’s impact. Whiteboard Technologies, headquartered in Sanjaynagar, provides structural steel detailing services and also operates a branch in Corcoran, USA.
Data Theft and Threats of Exposure
According to a formal police complaint filed by Radha Krishnan S, the company’s HR executive, unknown cybercriminals infiltrated the firm’s systems, encrypted sensitive files, and allegedly stole valuable business and customer information. “The hackers not only encrypted our database but also stole sensitive client and business data,” Krishnan stated. “They are threatening to leak the stolen information unless a ransom between $700 and $70,000 is paid.”
ALSO READ: Call for Chapters: Contribute to the Book “Cyber Crime – From Theory to Practice”
The extortion messages are reportedly being sent via Telegram by a user named @Dmc_eze and through the email address encrpt@onionmail.org—an encrypted and anonymous service often used by cybercriminals.
Police and CERT-In Step In
The North CEN division of the Bengaluru police has registered an FIR under relevant sections of the Information Technology Act. The case is currently being investigated by a team led by Assistant Commissioner of Police Pavan N.
In response to the cyber threat, the Indian Computer Emergency Response Team (CERT-In) has been alerted. “CERT-In has been notified, and our cyber experts are analyzing the ransomware pattern,” a senior police officer said. “Unless the attackers voluntarily release the decryption key or we locate a backup, recovering the data remains extremely difficult.”
Hope in Digital Forensics
CERT-In’s expertise in identifying malware signatures and coordinating with global cyber defense units may offer a lifeline. If the ransomware strain used in the attack matches any previously analyzed cases, the agency might already possess effective decryption tools. “CERT-In can sometimes identify the malware variant and offer potential workarounds if the encryption is not completely unique,” the officer added.
ALSO READ: “DFIR Capability Maturity Assessment Framework” by ALGORITHA
Understanding the Threat: What is a Ransomware Attack?
Ransomware is a form of malicious software that encrypts a victim’s files, locking them out of their own systems until a ransom is paid. Often disguised as legitimate files or software, ransomware can infiltrate networks through phishing emails, compromised downloads, or infected attachments.
Well-known examples include WannaCry and CryptoLocker, which have disrupted businesses and government agencies globally. Without a decryption key—or prior knowledge of the ransomware’s encryption method—victims often face permanent data loss or are coerced into paying hefty ransoms.
A Wake-Up Call for Indian Enterprises
This incident underscores the rising threat of ransomware to Indian businesses, particularly those with overseas clients and sensitive project data. Experts urge companies to adopt stronger cybersecurity protocols, regular data backups, and employee training to reduce the risk of similar attacks.
As investigations continue, Whiteboard Technologies and law enforcement authorities are working together to mitigate the damage and identify the attackers behind the breach.