An unknown threat actor LOYLA has claimed to have access to sensitive employee details belonging to Indian conglomerate Larsen & Toubro Ltd (L&T). The TA is reportedly offering to sell Larsen & Toubro Data on BreachForums for $10,000.
According to the header information provided by the threat actor, the compromised Larsen & Toubro data contains the following:
- Personal and employment information.
- Bank account details.
- Nomination information.
- Permanent account number (PAN).
- Email address.
- Password.
- Family information of over 15,000 employees.
Although the sample data shared by the threat actor was limited, it is uncertain how much Larsen & Toubro data the attacker can access and whether the claims are genuine.
The threat actor has also claimed that the login passwords were stored in plain text and were common to several personal email accounts of the affected individuals.
Larsen & Toubro Data Security Incident
It is unclear how the threat actor obtained access to the L&T employee database and whether the claims are true. According to the TA’s profile, it seems to be a new member of the leak site and has only posted this data leak on March 13, 2023.
The Cyber Express team has reached out to Larsen & Toubro regarding the claims by the threat actor and is awaiting official confirmation from the company.
However, it is worth noting that L&T suffered a similar attack in November 2020.
According to Privacy Ninja, in November 2020, the Personal Data Protection Commission (PDPC) in Singapore received a complaint regarding the Singapore branch of Larsen & Toubro Infotech (LTI).
The complaint stated that an LTI employee had accidentally sent an email to a job applicant that contained the personal information of 13 past job applicants.
This email was then forwarded to an additional 74 job applicants, resulting in the unauthorized disclosure of personal information.
During a security incident, affected employees should take steps to protect themselves, such as changing their passwords and monitoring their bank accounts for any suspicious activity. Employees should also enable two-factor authentication and be vigilant of phishing emails or questionable phone calls.
NOTE: The above information is provided for informational purposes only and is yet to be verified by The Cyber Express. Any reliance on such information is at the user’s own risk. For any queries related to the content, please contact us at [email protected] The Cyber Express will not be liable for any errors or omissions in the information provided, or for any actions taken by users based on such information until it is verified.