Infosys BPM Company Cyber Security Posture
infosysbpm.comInfosys BPM Ltd., the business process management subsidiary of Infosys Ltd. (NYSE: INFY), was set up in April 2002. Infosys BPM focuses on integrated end-to-end outsourcing and delivers transformational benefits to its clients through reduced costs, ongoing productivity improvements, and process re-engineering. Infosys BPM operates in India, Poland, the Czech Republic, the Netherlands, Ireland, South Africa, Brazil, Mexico, Costa Rica, the United States, Puerto Rico, China, the Philippines, Singapore, and Australia. Infosys BPM has been consistently ranked among the leading BPM companies and has received over 60 awards and recognitions in the last 5 years from key industry bodies and forums like the International Association of Outsourcing Professionals, Outsourcing Center, SSON, and NOA, among others. Infosys BPM also has very robust people practices, as substantiated by the various HR-specific awards it has won over the years. The company has consistently been ranked among the top employers of choice, on the basis of its industry-leading HR best practices. The companyโs senior leaders contribute widely to industry forums as BPO strategists.
Infosys BPM Company Details
infosys-bpm
41762 employees
2055276.0
541
IT Services and IT Consulting
infosysbpm.com
Scan still pending
INF_1064000
In-progress
Infosys BPM Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
Infosys BPM Global Score.png)
Infosys BPM Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
Infosys BPM Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Infosys McCamish Systems | Ransomware | 100 | 4 | 6/2024 | MCC449070624 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: Infosys McCamish Systems experienced a data breach resulting from a LockBit ransomware attack, impacting over 6 million individuals. The breach saw unauthorized access to a substantial amount of sensitive personal data, including names, Social Security numbers, medical information, financial account information, and passport numbers. The incident led to the non-availability of certain applications and systems, and subsequent restoration and security measures resulted in at least $30 million in losses for the company. Additional costs are anticipated due to potential indemnities or damage claims. | |||||||
| Infosys McCamish Systems LLC | Breach | 85 | 4 | 11/2023 | MCC245071625 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: On February 2, 2024, the Montana Department of Justice reported a data breach involving Infosys McCamish Systems LLC (IMS) that occurred on November 3, 2023. The breach involved unauthorized access to IMS systems, potentially compromising personal information related to deferred compensation plans affecting 52 residents. | |||||||
Infosys BPM Company Subsidiaries
Infosys BPM Ltd., the business process management subsidiary of Infosys Ltd. (NYSE: INFY), was set up in April 2002. Infosys BPM focuses on integrated end-to-end outsourcing and delivers transformational benefits to its clients through reduced costs, ongoing productivity improvements, and process re-engineering. Infosys BPM operates in India, Poland, the Czech Republic, the Netherlands, Ireland, South Africa, Brazil, Mexico, Costa Rica, the United States, Puerto Rico, China, the Philippines, Singapore, and Australia. Infosys BPM has been consistently ranked among the leading BPM companies and has received over 60 awards and recognitions in the last 5 years from key industry bodies and forums like the International Association of Outsourcing Professionals, Outsourcing Center, SSON, and NOA, among others. Infosys BPM also has very robust people practices, as substantiated by the various HR-specific awards it has won over the years. The company has consistently been ranked among the top employers of choice, on the basis of its industry-leading HR best practices. The companyโs senior leaders contribute widely to industry forums as BPO strategists.
Access Data Using Our API
Get company history
Rapid.png)
Infosys BPM Cyber Security News
Cybersecurity: Infosys' US unit to pay $18mn fine
Infosys McCamish Systems, impacted by a 2023 cybersecurity incident, will pay $17.5 million to resolve class-action lawsuits.
Infosys McCamish resolves class action lawsuits with $17.5m payment
None
Infosys Strengthens Global Security Operations with Strategic Australian Cybersecurity Acquisition
Infosys (NYSE: INFY) has announced a definitive agreement to acquire The Missing Link, an Australian cybersecurity services specialist firm. Theย ...
The Professionals: Inside the High-Stakes World of Cyber Defense with AlixPartner's Beth Musumeci
None
Infosys to Settle $17.5 Million Lawsuit Over 2023 Cybersecurity Breach
India's second-largest IT services company, Infosys, will pay $17.5 million to settle a class-action lawsuit filed against Infosys McCamishย ...
Cybersecurity Lapse: Infosysโ US Unit Fined โน150 Crore
The cyberattack, linked to the notorious LockBit ransomware gang, disrupted IMS services, impacting applications and systems used by the firmย ...
Infosys settles $17.5 mn class action over US cyberattack, data breach
Infosys will make payments of $17.5 mn towards settlement of US lawsuits for a cyberattack that led to data being breached.
Infosys to pay USD 17.5 million to settle lawsuits over McCamish Cyber incident
In November 2023, the company disclosed that Infosys McCamish Systems was impacted by a cybersecurity event resulting in non-availability ofย ...
Wells Fargo named in cyberattack on Infosys subsidiary McCamish, which affected 6 million
Wells Fargo, one of the big four American banks, was named by McCamish Systems, a US subsidiary of the Indian IT major Infosys, in last year'sย ...
Infosys BPM Similar Companies
IAP
IAP is a top-tier Japanese IT consulting and professional services firm, headquarters in Tokyo, Japan and a well established Quality certified development center in India. IAP has a technical and academic alliance program with more than 40 companies and organizations worldwide, creating a pooled w
Asurion
As the worldโs leading tech care company, Asurion eliminates the fears and frustrations associated with technology, to ensure our 300 million customers get the most out of their devices, appliances and connections. We provide insurance, repair, replacement, installation and 24/7 support for everythi
AeC
A AeC รฉ apontada consistentemente como a lรญder brasileira na entrega de soluรงรตes de experiรชncia do cliente e gestรฃo de processos terceirizados. Servindo as principais marcas do mercado nacional, conquistou nos trรชs รบltimos anos a posiรงรฃo de Empresa do Ano de BPO pela conceituada Frost and Sullivan
WDS Global
Since 1995, WDS has been dedicated to helping both service providers and end-users get the most from their wireless products and services. Today, by optimizing the entire process of launching and managing wireless products and services, the company enlightens its customers with the knowledge and eff
Elsevier
As a global leader in information and analytics, Elsevier helps researchers and healthcare professionals advance science and improve health outcomes for the benefit of society. We do this by facilitating insights and critical decision-making for customers across the global research and health ecosys
Serco
We bring together the right people, the right technology and the right partners to create innovative solutions that make positive impact and address some of the most urgent and complex challenges facing the modern world. With a focus on serving governments globally, Sercoโs services span justice,
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Infosys BPM CyberSecurity History Information
How many cyber incidents has Infosys BPM faced?
Total Incidents: According to Rankiteo, Infosys BPM has faced 2 incidents in the past.
What types of cybersecurity incidents have occurred at Infosys BPM?
Incident Types: The types of cybersecurity incidents that have occurred incidents Ransomware and Breach.
What was the total financial impact of these incidents on Infosys BPM?
Total Financial Loss: The total financial loss from these incidents is estimated to be $30 million.
Incident Details
Can you provide details on each incident?
Incident : Data Breach
Title: Data Breach at Infosys McCamish Systems LLC
Description: Unauthorized access to IMS systems, potentially compromising personal information related to deferred compensation plans affecting 52 residents.
Date Detected: 2024-02-02
Date Publicly Disclosed: 2024-02-02
Type: Data Breach
Attack Vector: Unauthorized Access
Incident : Data Breach
Title: Infosys McCamish Systems Data Breach
Description: Infosys McCamish Systems experienced a data breach resulting from a LockBit ransomware attack, impacting over 6 million individuals. The breach saw unauthorized access to a substantial amount of sensitive personal data, including names, Social Security numbers, medical information, financial account information, and passport numbers. The incident led to the non-availability of certain applications and systems, and subsequent restoration and security measures resulted in at least $30 million in losses for the company. Additional costs are anticipated due to potential indemnities or damage claims.
Type: Data Breach
Attack Vector: Ransomware
Threat Actor: LockBit
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident?
Incident : Data Breach MCC245071625
Data Compromised: Personal Information, Deferred Compensation Plans
Systems Affected: IMS Systems
Incident : Data Breach MCC449070624
Financial Loss: $30 million
Data Compromised: names, Social Security numbers, medical information, financial account information, passport numbers
Systems Affected: certain applications and systems
Legal Liabilities: potential indemnities or damage claims
What is the average financial loss per incident?
Average Financial Loss: The average financial loss per incident is $15.00 million.
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Deferred Compensation Plans, names, Social Security numbers, medical information, financial account information and passport numbers.
Which entities were affected by each incident?
Incident : Data Breach MCC245071625
Entity Type: Company
Industry: Financial Services
Customers Affected: 52
Incident : Data Breach MCC449070624
Entity Type: Company
Industry: Technology
Customers Affected: over 6 million individuals
Data Breach Information
What type of data was compromised in each breach?
Incident : Data Breach MCC245071625
Type of Data Compromised: Personal Information, Deferred Compensation Plans
Number of Records Exposed: 52
Personally Identifiable Information: True
Incident : Data Breach MCC449070624
Type of Data Compromised: names, Social Security numbers, medical information, financial account information, passport numbers
Number of Records Exposed: over 6 million
Sensitivity of Data: high
Personally Identifiable Information: names, Social Security numbers, passport numbers
Ransomware Information
Was ransomware involved in any of the incidents?
Incident : Data Breach MCC449070624
Ransomware Strain: LockBit
References
Where can I find more information about each incident?
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Montana Department of JusticeDate Accessed: 2024-02-02.
Additional Questions
General Information
Who was the attacking group in the last incident?
Last Attacking Group: The attacking group in the last incident was an LockBit.
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on 2024-02-02.
What was the most recent incident publicly disclosed?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-02-02.
Impact of the Incidents
What was the highest financial loss from an incident?
Highest Financial Loss: The highest financial loss from an incident was $30 million.
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were Personal Information, Deferred Compensation Plans, names, Social Security numbers, medical information, financial account information and passport numbers.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident was IMS Systems and certain applications and systems.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Personal Information, Deferred Compensation Plans, names, Social Security numbers, medical information, financial account information and passport numbers.
What was the number of records exposed in the most significant breach?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 6.0M.
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident is Montana Department of Justice.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
