Tech Mahindra lodges ransomware attack complaint for Smart City Project, PCMC says it will not absorb estimated Rs. 5 crore loss

Despite political parties demanding action against Tech Mahindra with regard to the ransomware attack on the Pimpri-Chinchwad Smart City Project, the Pimpri-Chinchwad Municipal Corporation (PCMC) said it would not bear the estimated Rs. 5 crore loss.

Tech Mahindra currently manages the smart city project. The company filed a complaint stating that the Chinchwad Smart City Project servers were victims of a ransomware attack. According to the complaints, the attackers demanded a ransom which is to be paid in Bitcoins. The incident occurred on February 26th. On March 9th, criminal charges were registered for the same at the Nigdi Police Station.

Tech Mahindra has lodged a complaint stating losses worth an estimated Rs.5 crore. Municipal Commissioner Rajesh Patil informed the company that the civic body will not absorb the loss. He argued that no sensitive data was leaked.
Neelkanth Poman, a PCMC IT officer, said, “We are surprised by the police complaint lodged by Tech Mahindra estimating the Rs 5 crore loss. We believe they can rework the system and set it right. There is no reason to suffer any loss. The PCMC will not pay them anything. We have conveyed the same to them.”

Officials state that the systems are presently being configured at the PCMC Smart City project server room in Astitva Hall. Poman added, “The attack took place when the configuration happened. They have encrypted the configuration data. The servers did not have any project data yet”.

Tech Mahindra has stated that although it has filed a complaint, it will not seek any compensation from the PCMC. Instead, it will rework the system.

Tech Mahindra APAC Business Head and Corporate Affairs President Sujit Baksi said, “After a detailed analysis of the situation in the last ten days, we have concluded that 25 servers are impacted, which need to be rebuilt, along with the implementation of a robust security system. The only cost would be towards the rework efforts. Our team is keeping a check on the situation regularly and has also continued the work on rebuilding the environment without touching the infected servers. The servers which were impacted are recoverable, and there is no commercial impact of it.”.

Political parties are pushing for action against Tech Mahindra. They are asking for a thorough investigation into the incident.
Maval Shiv Sena MP Shrirang Barne said, “This particular cyber attack has raised questions about the security of citizens. There should be a thorough investigation, and the guilty should be penalized.”
The BJP has also expressed its disapproval over the lapse, which led to the public exchequer’s financial losses. BJP member Seema Savale has demanded that the contract with Tech Mahindra be terminated. She said that the company made misleading and contradictory statements.

Pimpri-Chinchwad’ NCP Unit President, Sanjoy Waghere, said,” PCMC has spent crores of rupees on the project. Instead of securing the project, Tech Mahindra is trying to avoid its responsibility by claiming that a theft had occurred. This is a grave matter vis-a-vis the security of citizens and calls for a deeper probe. We request the PCMC to investigate the role of Tech Mahindra and sub-contractors and punish whoever is responsible.”