NEW DELHI: Internal documents of
defence public sector
Bharat Earth Movers
Limited (BEML) were leaked on the
, an Atlanta-based cybersecurity firm said on Tuesday. In a detailed statement, BEML, however, said that "the compromised documents are non-classified and have no financial impact for the company nor will provide any benefit to the hackers."
According to the firm Cyble, the leak was first published on May 25. "We came across an unknown actor (R3dr0x ) in one of the darkweb markets who leaked BEML internal documents (as below)," the company wrote online, while adding screenshots of the data leak that contains "a number of email conversations, customer records, interoffice memos and freight invoices." Cyble later clarified that R3dr0x wasn't responsible for this leak and it was made by an unknown party.
BEML said they were alerted by the Indian Computer Emergency Response Team (Cert-In) to the breach on June 3. Since the leak, the Bengaluru-based company has formed a high-level committee to investigate the breach. "The compromised E-mail IDs were completely blocked from the mail server. A notification was sent internally to change passwords immediately. All desktops in the regional offices etc. being used to access internet are being segregated from business network," the statement read. The PSU also said they have installed "additional firewalls" and is undertaking a "complete cyber audit across all offices." Established in 1964, BEML operates under three major business verticals: mining & construction, defence and rail & Metro.
Cyble stated that based on circumstantial pieces like the actor's message and password combinations, the breach appears to be carried by "a hacktivist or someone politically motivated." It however, added that there was no technical evidence suggesting that the attack originated from a neighbouring or non-friendly country. The firm's researchers added that the seven BEML employee's internal email addresses and their login passwords was a part of the leak.