Securities and Exchange Boardnof India noticed the incident when its email system was undergoing an upgrade.
It subsequently lodged an FIR( first information report) under the Information Technology Act with the Bandra-Kurla Complex (BKC) police station, Mumbai. The regulator’s headquarters is in BKC .
“Various mitigation measures were immediately taken in response to the said cyber security incident including, informing Indian Computer Emergency Response team (CERT-In) as per the standard operating procedure, strengthening the required security configuration of the system, etc.,” SEBI said in a statement on Saturday.
The regulator said that it constantly monitors its detection and prevention systems and has taken additional measures post the incident to tighten the security procedures for the implementation and migration activities.
Unknown persons accessed the official emails of more than half a dozen Sebi employees and sent several messages from them.
However, no sensitive data had been compromised or encrypted.
“It was a small incident. CERT-IN is fully in the loop. No sensitive data was lost. Root cause has been diagnosed and fixed. Prevention for future has been fully implemented,” said an official spokesperson of Sebi.