Tata Power, the Indian electric utility company based in Mumbai and part of the Tata Group, disclosed a cyberattack on its IT infrastructure on 14 October. The attack has affected some of its systems, said the company disclosure. According to the company, steps were taken to restore the systems, and the attack has not hampered critical operational systems.
“The Company has taken steps to retrieve and restore the systems. All critical operational systems are functioning; however, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer-facing portals and touch points,” said the company disclosure.
The Maharashtra cyber police officers told The Times of India that they were alerted about the attack. “No case has been registered by us. The Tata Power team took internal precautions,” superintendent of police Sanjay Shintre told the newspaper.
The disclosure did not mention the time of the attack, the type of security breach, or the suspected actors responsible for the attack. No breach of data was mentioned in the disclosure. According to a blog post published by Tata Tele Business Services earlier, the responsibility for security breaches rests on everyone involved.
“It should be considered that cyber-attacks are not only often but frequently creative and innovative. Though many large corporations around the world consistently boast of “security in their very DNA”, they often nose-dive to keep up pace with criminals who are always finding out newer ways to trespass your security cellar,” said the blog post.