Ransomware Attack on Comtel Data Centre Disrupts 16 Brokers and Client Operations

A ransomware attack on Comtel Data Centre has severely impacted around 16 stockbrokers, including prominent names like IIFL Securities, 5Paisa, and Axis Securities. The breach has led to blocked exchange access and raised concerns over client data and order flow security. Exchanges have mandated strict security certifications before resuming operations.

  • Targeted Attack: The ransomware targeted Comtel, a data centre servicing multiple brokers, affecting systems and operations.
  • High-Profile Impact: Brokers such as IIFL Securities, 5Paisa, and Axis Securities were among the 16 entities affected.
  • Exchange Blockage: Leading exchanges like NSE and MCX suspended access for impacted brokers, complying with SEBI norms.
  • Potential Data Exposure: Client data and order flow could have been compromised, raising security and privacy concerns.
  • OMS Vulnerability: A suspected entry point for the attack was Symphony's order management system, used for multi-asset trades.
  • Regulatory Requirements: Brokers must obtain Certified Information Systems Auditor (CISA) clearance to certify systems as ransomware-free before resuming operations.
  • Wider Risks: The attack underscores vulnerabilities in shared services like data centres used for cost efficiency by brokerages.

The ransomware attack on Comtel Data Centre highlights the increasing threat of cyberattacks targeting critical financial infrastructure. The breach's impact on brokers and client data emphasizes the urgent need for robust cybersecurity measures, regular audits, and adherence to stringent regulatory standards. As ransomware campaigns grow more sophisticated, businesses must adopt proactive strategies to secure their operations and client information.

Net Protector Cyber Security recommends continuous monitoring, endpoint protection, and advanced threat detection systems to safeguard against similar attacks.