Indiabulls, a financial services group based in India, has confirmed a CLOP ransomware attack. The attackers threatened to leak stolen data if the company failed to pay ransom within 24 hours.
Cyble, a United States-based cyber threat intelligence company, notified the company about the breach. The CLOP threat actors posted snapshots of highly sensitive, bank-related documents, such as transaction details, vouchers, letters sent to bank managers, and more.
The CLOP ransomware group steals unencrypted files before deploying the ransomware. The leaked files are posted on its ‘CLoP^_- LEAKS’ data leak site.
The Indiabulls Group is a diversified financial services group with interests in housing finance, consumer finance, and personal wealth. The Group also has a presence in real estate, pharmaceuticals, lighting, and infrastructure and construction equipment leasing. The public company has a net worth of more than ₹ 28,580 Cr. (as of 31st March, 2019), according to its website.
Indiabulls has not publicly released how much the CLOP group is demanding for a ransom, or when the attack occurred. The CLOP ransomware group also targeted the U.S.-based pharmaceutical firm ExecuPharm in March.
Ransomware attacks can be costly. Invest in a tool like ManageEngine DataSecurity Plus to secure data and mitigate ransomware attacks. Download a free, 30-day trial of DataSecurity Plus today.
Investing in a ransomware detection tool helps you detect and respond to ransomware attacks in real time to minimize the impact on your organization. Here are some best practices DataSecurity Plus can help you implement to handle ransomware attacks.
© 2021 Zoho Corporation Pvt. Ltd. All rights reserved.
You will receive weekly cybersecurity news soon!