Cyber Incident Victim: Mithaas

Date: Aug 2020

Location: India

Summary

A ransomware attack targeted the corporate office of a Noida-based sweets manufacturer, encrypting company data in an unfamiliar format distinct from their standard systems. The incident occurred shortly after another local confectionery producer experienced a similar breach, highlighting a pattern of cyberattacks against businesses in the sector. Server compromises disrupted operations, though specific ransom demands or data exfiltration details were not disclosed in available reports.

Description

On August 22, 2020, at approximately midday, the corporate office servers of Mithaas Sweets, a confectionery manufacturer based in Noida’s Sector 63, India, experienced a ransomware attack. Threat actors infiltrated the company’s systems and encrypted operational data using a format distinct from the organization’s standard file structures, rendering critical business information inaccessible. The incident occurred barely a month after Haldiram Snacks Private Limited, another Noida-based food producer, suffered a similar ransomware compromise at its corporate headquarters, suggesting a potential pattern of threat actor focus on regional manufacturers. Mithaas personnel discovered the encryption event during routine operations on the afternoon of the attack, though the specific detection method or initial intrusion vector remains undisclosed in public reporting. No threat actor group claimed responsibility or issued explicit ransom demands in initial public disclosures about the event.

The attack disrupted Mithaas’s standard business operations by compromising server functionality and restricting access to essential data assets. While the company confirmed the encryption of corporate data, it did not publicly disclose whether backup systems were affected or whether customer or employee personal information was exfiltrated during the incident. Sector 63 police were notified of the breach, though no investigative updates or forensic findings were subsequently released to media outlets. The company undertook containment measures to isolate compromised systems, but technical specifics regarding malware identification, decryption efforts, or infrastructure restoration timelines were not provided in available reports. Operational impacts persisted beyond the initial containment phase, though the duration and financial consequences of business interruption remained unquantified in disclosed records.
