Cressanda Railway impersonated via fake domain by ex-employee, vendor
Ex-employee, IT vendor created fake domain to impersonate Cressanda to key clients. Company alerted clients, terminated access, filing criminal complaint.
What's new
- Ex-employee Devendra Jha and IT vendor Ocean IT Solutions registered fake domain www.cressandarailway.com to impersonate the company.
- Fake email info@cressandarailway.com used to misrepresent facts to Eastern Railway and a Maharashtra Government department.
- Cressanda has terminated vendor access, initiated cybersecurity audit, and will file criminal complaint for trademark infringement.
Why this matters
For a nano-cap already reeling from a terminated Eastern Railway contract, this new fraud could further damage client trust and jeopardize remaining government revenue streams. The company's fragile operational position makes even non-financial risks material.
What we're watching
- Whether Eastern Railway or other clients take any action following the disclosure.
- Outcome of the criminal complaint and cybersecurity audit.
- Any impact on the company's ability to retain remaining contracts.
The full read
Cressanda Railway Solutions, a nano-cap already struggling after losing its Eastern Railway contract, disclosed that an ex-employee and the head of its outsourced IT vendor created a fake domain and email to impersonate the company. The fraudulent email was used to misrepresent facts to key government clients, including Eastern Railway and a Maharashtra Government department. Cressanda has alerted those clients, terminated the vendor's access, and is filing a criminal complaint as well as trademark infringement proceedings. No immediate financial loss has been quantified, but for a company with ₹104 crore market cap and trailing revenue down 94%, any threat to remaining government contracts is material. The open question is whether this incident pushes existing clients to reassess their relationship with Cressanda.
Questions answered
- What exactly did the ex-employee and vendor do?
- They registered the domain www.cressandarailway.com and created the email info@cressandarailway.com to impersonate Cressanda. They used this fake identity to send misrepresentations to key government clients, including Eastern Railway and a Maharashtra Government department.
- Has the company suffered any financial loss from this fraud?
- Cressanda has not disclosed any immediate financial loss, but the reputational damage and potential impact on client relationships could have long-term revenue consequences.
- What steps has Cressanda taken in response?
- The company has alerted affected clients, terminated the IT vendor's access, initiated an independent cybersecurity audit, and is filing a criminal complaint with the Cyber Crime Cell along with legal proceedings for trademark infringement.
- How does this event relate to Cressanda's recent business troubles?
- Cressanda was already under financial distress after Eastern Railway terminated a contract. This fraud adds a new layer of risk, potentially further eroding trust with government clients and complicating efforts to stabilize operations.