Email system breached, SEBI files a FIR and takes mitigation measures

17 Jul 2022

The email system at the Securities and Exchange Board of India suffered a cyber-security breach recently and the markets regulator has filed a First Information Report with the police, it said in a press release on Saturday.

SEBI said the incident occurred when its email system was undergoing a system upgrade.

SEBI said that after detecting the cyber-security breach it informed the Indian Computer Emergency Response Team “as per the standard operating procedure”, strengthened “the required security configuration of the (email) system” and took other mitigation measures.

The Indian Computer Emergency Response Team is the national nodal agency for responding to computer security incidents. It operates under the Ministry of Electronics and Information Technology.

The markets regulator had set up its own internal cyber-security operations center during 2020-21 (Apr-Mar) to monitor and defend enterprise-wide information technology systems.

The center was in charge of continuously monitoring SEBI’s computer systems for cyber threats and attacks and blocking such attacks.

SEBI introduced a cyber-security framework in July 2015 for systemically important market infrastructure institutions like stock exchanges and depositories.

It subsequently extended this framework to other regulated intermediaries and companies.