Software Giant Satyam Computer Services has reportedly been banned from doing any off-shore work with the World Bank. According to a Fox News report, forensic experts and bank investigators discovered that the sensitive data from their computers were logged to unknown destination over internet. As per reports, key logger software was found on workstations inside the bank’s Washington headquarters, allegedly by one or more contractors from Satyam Computer Services.
Update: Satyam speaks up – Satyam denies report on offshore ban with World Bank. Satyam further added that reports are riddled with error and are out of context. More Details awaited!
Investigators say that the software, which operates through a method known as keystroke logging, enabled every character typed on a keyboard to be transmitted to a still-unknown location via the Internet. Upon its discovery, bank officials shut off the data link between Washington and Chennai, where Satyam has long operated the bank’s sole offshore computer center responsible for all of the bank’s financial and human resources information.
“I want them off the premises now,” World Bank President Robert Zoellick reportedly told his deputies.
Satyam is publicly listed on the New York Stock Exchange and boasts having two billion dollars in sales and more than 150 Fortune 500 companies as clients.
In 2003, Satyam won a lucrative five-year “sole source” contract to design, write and maintain all of the World Bank’s information systems. The contract, which began at $10 million, had grown to over $100 million by 2007. This year, the contract was not renewed. Satyam has declined to comment.
It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution’s highly restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank’s network for nearly a month in June and July.
One World Bank director told FOX News that as many as 40 servers have been penetrated, including one that held contract-procurement data. It took ten days for bank officials to detect that they’d been invaded. Once they did, they shut down all external servers, except for e-mail, which it turns out the invaders were already using as their entrance point.