Cyber Incident Victim: Haldirams Snacks
Date: Jul 2020
Location: India
Summary
Unidentified hackers deployed ransomware against a prominent Indian snack manufacturer, compromising servers and exfiltrating sensitive data including financial records, employee information, payroll details, retail sales figures, purchase histories, and inventory data. The attackers demanded a ransom of ₹750,000 to restore access, prompting the company to file a formal police report with the Noida Sector 58 police station following the server disruption.
Description
On the intervening night of July 12-13, 2020, unidentified hackers executed a ransomware attack against the servers of Haldiram’s Snacks Private Limited, a Noida-based food company. The breach was initially detected when operational issues emerged with the company’s server infrastructure, which subsequent analysis confirmed as a ransomware compromise. Attackers encrypted critical systems and exfiltrated sensitive corporate data before issuing a ransom demand of ₹750,000 (approximately $10,000 USD at the time) for data restoration. Haldiram’s filed a formal complaint at the Noida Sector 58 police station on July 15, 2020, triggering a criminal investigation under India’s Information Technology Act. The attack timeline suggests rapid execution, with initial server disruptions occurring overnight and forensic confirmation of ransomware occurring shortly thereafter. No technical details regarding attack vectors (e.g., phishing, vulnerabilities) or ransomware variant were disclosed in public reports.

The compromised data included financial records, employee personal information, payroll details, retail sales transactions, purchase histories, and comprehensive inventory datasets. This breach exposed operational and personnel vulnerabilities, potentially enabling secondary fraud or identity theft against affected employees. The ransom demand explicitly targeted data decryption rather than suppression of disclosure, indicating attackers prioritized operational disruption over reputational coercion. Haldiram’s public response was limited to law enforcement engagement, with no disclosed negotiations or payments to attackers. The incident disrupted core business functions reliant on server access, though duration and severity of operational impacts were not quantified in available reports. Sector 58 police initiated procedural investigations but did not publicize attribution findings or recovery outcomes.
