Raymond Limited, a textile and clothing company, reported a cybersecurity attack that affected some of its IT infrastructure.
In a regulatory filing to the Bombay Stock Exchange (BSE) and National Stock Exchange (NSE), the company confirmed that threat actors breached peripheral systems, prompting immediate isolation of affected assets.
Core operational frameworks, including customer-facing retail platforms and supply chain management systems, remain unaffected, with stores and digital services operating normally.
The breach, detected during routine network traffic analysis, targeted non-critical IT nodes handling internal communications and archival data.
Preliminary forensic assessments suggest attackers exploited a vulnerability in a legacy API interface, though the exact attack vector remains under investigation.
Raymond’s cybersecurity team deployed network segmentation protocols to quarantine compromised systems, preventing lateral movement into centralized databases or cloud-based ERP platforms.
Cybersecurity professionals and internal IT teams are performing forensic research to assess the attack’s access sites, duration, and any data disclosure risks.
While the filing did not identify the threat actors or clarify whether ransomware or data exfiltration occurred, Raymond acknowledged implementing “necessary precautions and protocols” to reduce the incident’s impact.
Raymond’s incident response team activated a playbook aligned with the NIST Cybersecurity Framework, prioritizing:
- Containment: Disabling compromised user credentials and enforcing multi-factor authentication (MHA) across all privileged accounts.
- Eradication: Patching the vulnerable API endpoint and deploying behavioral analytics to identify residual malicious activity.
- Recovery: Restoring isolated systems from offline backups after sanitizing infected workloads.
Notably, the attackers attempted to deploy fileless malware via PowerShell scripts, a tactic increasingly observed in ransomware campaigns. However, Raymond’s application allowlisting mechanisms blocked unauthorized code execution.
The breach underscores the importance of Security Information and Event Management (SIEM) systems.
While no customer data breaches have been identified, Raymond advises stakeholders to monitor financial accounts and report suspicious activity.
