Software major Tech Mahindra, one of the firms managing the Pimpri Chinchwad Smart City project, has been asked by the city’s civic administration to file a detailed report within three days about a cyber-attack on the project’s servers the company said took place on February 26.
“It has been more than 15 days since a ransomware cyberattack happened on ICC data centre. Based on the understanding of Tech Mahindra’s solution experts and security experts, kindly submit a detailed report to PCSCL regarding the root cause analysis, impacts observed, probable future impacts, remedial actions in process, tentative delays in project implementation, details of financial losses incurred by M/s Tech Mahindra and any other risk and corrective action to be taken to overcome similar future attacks,” Pimpri Chinchwad Municipal Commissioner Rajesh Patil, who also heads the smart city project, said in a letter to the company.
On March 9, Tech Mahindra had registered a complaint at Nigdi police station, alleging a ransomware attack on the smart city project servers. According to the complaint, the attackers had demanded a ransom to be paid in bitcoins.
The company had initially estimated losses of Rs 5 crore, but the civic body had made it clear that it would not absorb the losses. The municipal corporation had also said there was no loss of data during the attack.
BJP corporator Seema Savale, who is the former chairperson of the civic standing committee, had raised doubts over the company’s version of events. “We suspect that the complaint was filed to claim insurance benefits of Rs 5 crore… the whole episode raises several questions. The civic administration should set the record straight,” Savale had said in a letter sent to the PCMC commissioner.
In his letter to the company, PCMC commissioner Rajesh Patil also said Tech Mahindra was in violation of its contract. “Tech Mahindra and its consortium partners are selected as system integrators for implementation of the smart city project and its operation for five years. Tech Mahindra and its consortium partners need to adhere to RFP clause. The ransomware attack proves the violation of RFP clauses and contract clauses… We are expecting a reply within three days,” the letter said.
– Stay updated with the latest Pune news. Follow Express Pune on Twitter here and on Facebook here. You can also join our Express Pune Telegram channel here.
In an earlier statement, Sujit Baksi, head, APAC business and president, corporate affairs at Tech Mahindra, had clarified that the estimated Rs 5 crore loss was not due to any material or data theft, but the cost of making the system more secure.
“On the morning of 26th February, we were informed about the ransomware attack on PCMC servers, following which, the team briefed the whole situation to the cyber security officials and subsequently filed an FIR with the police. After detailed analysis of the situation in the last ten days, we have come to a conclusion that 25 servers are impacted, which need to be rebuilt along with the implementation of a robust security system.
Though the FIR mentions damage of about Rs 5 crore, it is not for any material cost or data, the only cost would be towards rework efforts. Our team is monitoring the situation on a regular basis, and has also continued the work on rebuilding the environment without touching the infected servers. The servers which are impacted are recoverable and there is no impact on it commercially,” the statement had said.