In a recent turn of events, Innefu Labs, a prominent Indian cybersecurity firm renowned for its AI and data analytics solutions, has reportedly fallen victim to a sophisticated cyberattack. The breach, revealed by a threat actor named ‘PreciousMadness’ on the RAMP forum, has raised concerns within the cybersecurity community.
The breach, disclosed on January 10, 2024, exposes unauthorized access to Innefu’s systems, including critical components like Fortinet VPN and Microsoft 365 Services. PreciousMadness is offering this access, along with 54 GB of exfiltrated data, for $1,300. The threat actor’s solicitation for potential buyers to contact privately has intensified the gravity of the situation.
The Cyber Express team attempted to contact Innefu Labs for an official statement but received no response, leaving the extent of the breach unverified.
The breach not only affects Innefu Labs, boasting an annual revenue exceeding $25 million, but also poses risks to its diverse clientele, encompassing corporate and government sectors. The incident highlights vulnerabilities within firms specializing in digital security, sparking concerns about the overall cybersecurity landscape.
The Cyber Express conducted an investigation in collaboration with independent researchers, revealing that the breach exposed sensitive information belonging to various Indian and overseas entities, including individuals, major conglomerates, politicians, and government agencies.
The breach has implications beyond India, extending to the Asia and Pacific (APAC) region, underscoring the broader cybersecurity challenges faced by companies in the digital era.
Cyble Research and Intelligence Labs (CRIL), acknowledging the seriousness of the breach, refrained from disclosing further details due to the sensitive nature of the data involved.
In addition to the data breach, Innefu Labs’ involvement in surveillance technologies has been a subject of public debate. Questions surrounding the use of Automated Facial Recognition System (AFRS) technology by Delhi Police, sourced from Innefu Labs, have raised transparency and accountability concerns.
