The hackers claim to be selling data relating to thousands of current and former employees of the Piramal Group, an Indian conglomerate with businesses in pharmaceuticals, financial services and real estate.
A listing on a popular cybercrime forum seen by TechCrunch last week showed an anonymous threat actor publishing some of the allegedly stolen Piramal data for an undisclosed amount. The data samples included names and email addresses.
The allegedly stolen data could be of great value to cybercriminals, who could use it to launch cyber attacks targeting employees.
According to the Piramal Group website, with offices in over 30 countries, the Piramal Group has over 10,000 employees and employees of diverse nationalities from 21 countries. Headquartered in Mumbai, the company has its brands present in over 100 markets around the world. Piramal operates several subsidiaries, including non-banking finance company Piramal Enterprises, pharmaceutical company Piramal Pharma, healthcare company Piramal Healthcare, and real estate development arm Piramal Realty.
TechCrunch obtained a larger data sample from the threat actor, containing over 10,000 entries. TechCrunch verified some of the entries using a job portal and found entries related to current and former employees of Indian companies.
On Tuesday, when TechCrunch provided Piramal with a sample of the data the threat actors shared, the company denied any data breach on its systems, suggesting the data may have come from a third party.
“After a thorough investigation, we can confirm that no data breach incident has occurred at Piramal Group. Our IT and cyber security teams have thoroughly examined our systems and found no evidence to support the claims of any such information or files being present on our servers. Further, the sample data does not contain any Piramal information such as employee email IDs and appears to have originated from a third-party platform,” Piramal spokesperson Mihir Mukherjee said in an emailed statement.
Piramal did not name the third-party platform in question, and a company spokesperson declined to comment on how the company determined no data breach had occurred, including whether Piramal had the technical means to detect such a breach.
Piramal also told TechCrunch that it had received inquiries from India's Computer Emergency Response Team (CERT-In) regarding the data breach incident.
“After a thorough investigation, [to] “CERT-In has advised that no such data breach incident has occurred in our system and no information has been compromised,” the spokesperson said.