All political parties are seeking an action against Tech Mahindra in the ransomware attack on the Pimpri-Chinchwad Smart City Project. The Pimpri-Chinchwad Municipal Corporation (PCMC) has said that it will not bear the estimated loss of Rs 5 crore.

As per the complaint lodged by IT firm – Tech Mahindra which is in charge of managing the smart city project, servers of Chinchwad Smart City Project fell victim to a ransomware attack. The complaint also highlights that the attackers have demanded a ransom which needs to be paid in Bitcoins. The attack took place on February 26 and a criminal offence in connection with this has been registered at Nigdi Police Station on March 9.

Tech Mahindra has filed an estimated loss of Rs 5 crore, Municipal Commissioner Rajesh Patil has conveyed to the firm that the civic body will not absorb the costs. The civic body has contended that no sensitive data was leaked. PCMC IT officer Neelkanth Poman told a news source that “We are surprised by the police complaint lodged by Tech Mahindra estimating the loss at Rs 5 crore. We believe that they can rework the system and set it right. There is no justification or reason for suffering any loss. PCMC will not pay them anything, we have conveyed to them about this.”

According to officials, system configuration is in process at the PCMC Smart City project’s server room, located at Astitva Hall near Nigdi Pradhikaran.

“The ransomware attack happened when the configuration happened. They have encrypted the configuration data. The servers did not have any project data as of yet,” said Poman,

On its part, Tech Mahindra has now contended that though it has filed the complaint estimating the loss of Rs 5 crore, it is not going to seek any compensation from the PCMC but will rework the system.

Sujit Baksi, Head, APAC Business and President, Corporate Affairs, Tech Mahindra, told the news source, “On the morning of 26th February, we were informed about the ransomware attack on PCMC servers. Following which the team briefed the whole situation to the cyber security officials and subsequently filed the FIR with the police. After detailed analysis of the situation in last 10 days, we have come to a conclusion that 25 servers are impacted which need to be rebuilt along with implementation of a robust security system. Though the FIR mentions damage of about Rs 5 crore, which is not for any material cost or data, the only cost would be towards the rework efforts. Our team is monitoring the situation on a regular basis and has also continued the work on rebuilding the environment without touching the infected servers. The servers which were impacted are recoverable and there is no impact of it commercially.”

All the political parties have demanded action against Tech Mahindra and a thorough investigation into the whole affair.

Maval Shiv Sena MP Shrirang Barne said, “This particular cyber attack raises questions about the securty of citizens. There should be a thorough investigation and the guilty should be punished.”

In a letter to the PCMC chief, he wrote, “On one hand Tech Mahindra has claimed that some unknown persons from China, Russia, France and Germany carried out the ransomware attack. On the other hand, it says some unknown persons tried to enter the server and encrypted important data while demanding bitcoins for decrypting the data. The contradictions are clear. There seems to be an attempt to mislead PCMC. There is a possibility of involvement of civic officials in this case. Therefore, there should be an investigation against Tech Mahindra and civic officials who are working irresponsibly. This incident has raised questions whether our data is safe or not especially when we are pumping crores of rupees in it.”

The ruling BJP is also miffed with Tech Mahindra for the lapse and causing a financial loss to the public exchequer. BJP corporator Seema Savale said, “The company has bagged a Rs 525 crore contract of which Rs 15 crore are to be spent on the firewall to secure the systems. The successful attacks shows that proper firewall has not been built by the company for the systems. Also, the company has made several contradictory statements in the FIR to police. It’s clear that it’s trying to hide something,” said Savale, demanding that the contract with the company be scrapped. Savale also said that Tech Mahindra on one hand said attempt was made to enter the server and at the same time, says the attackers entered the server and encrypted the data. “These contradictory and misleading statments should be investigated thoroughly,” she said.

Sanjoy Waghere, president of Pimpri-Chinchwad unit of NCP said, “PCMC has spent crores of rupees on the project. Instead of securing the project, Tech Mahindra is trying to avoid its responsibility by claiming that a theft had taken place. This is a very serious matter vis-a vis security of citizens and calls for a deeper probe. We request the PCMC to investigate the roleTech Mahindra and sub-contractors and punish whoever is responsible.”