Days after government denied of any data leak in ransomware attack on National Highways Authority of India (NHAI) server, reports have surfaced claiming that Financial records, contract documents, and employee information of NHAI has been leaked online.
According to a report by Hindustan Times, the information was posted online on July 2, two days day after NHAI denied any sensitive information was compromised. The data was leaked in two files about 1.8GB in size, which the hackers said was 5% of the total information they had.
Singapore-based cyber-security firm Cyfirma told Hindustan Times that the hackers used the Maze ransomware, and the leaks may have been meant to force the NHAI to pay a ransom in order to stop more data from being exposed.
The NHAI on June 29 said a cyber attack took place on its email server on Sunday night but prompt action resulted in no data loss. As a precaution, the Authority had shut down the server.
"A ransom ware attack on NHAI email server took place yesterday night. The attack was foiled by the security system and email servers were shut down from safety point of view. No data loss took place. NHAI data lake and other systems remained unaffected from this attack," NHAI Chief General Manager, IT, Akhilesh Srivastava, told PTI.
Earlier, the government had warned against a large-scale cyber attack against individuals and businesses earlier. The CERT-In, India's cyber security nodal agency, had issued an advisory warning that the potential phishing attacks could impersonate government agencies, departments and trade bodies that have been tasked to oversee disbursement of government fiscal aid.