Kolkata: West Bengal Police has launched a high-level investigation into a major security breach at the Cyber Crime Wing (CCW) data centre, which houses highly confidential cyber investigation tools. Authorities suspect deliberate sabotage by the Kolkata-based private vendor (local partner) managing the facility, despite the company’s claim that the incident was the result of a ransomware attack.
The CCW data centre is a specialised facility designed to store, process, and manage large volumes of sensitive digital data. It hosts critical law enforcement applications, including the CAT C5 system, which filters VoIP calls for cyber investigations and supports statewide software and IP data analysis.
The facility, commissioned on September 30, 2024, under the State Grid Project, was awarded to the vendor as the L1 bidder in a December 2023 e-tender floated by Webel Technology Ltd. Following the breach, police lodged an FIR at Bidhannagar Cyber Crime PS, alleging that sensitive data may have been compromised through deliberate sabotage.
Sources revealed that subject matter experts had previously recommended upgrading the facility with defence-grade encryption, but the advice was ignored. On July 28, the CCW reported a complete service disruption. The vendor claimed ransomware had encrypted all data and storage systems, producing a ransom note during inspection.
However, investigators remain unconvinced, noting that the vendor retained exclusive remote access during the attack and had repeatedly refused to hand over administrative credentials, even after a high-level meeting on July 25 at the DG & IGP Cyber Crime Wing’s office.
The complaint further states that, despite repeated reminders, the vendor withheld control of the state’s central data centre. Just two days after the meeting, on July 27, multiple districts reported VPN failures and disruptions to the C5 application. Sources also disclosed that the affected VPN infrastructure is linked to a company based in Israel.
Several officers, including senior officials, are under scrutiny for their alleged role in the incident, with some already facing departmental action.
The FIR invokes multiple provisions of the Bharatiya Nyaya Sanhita (BNS) relating to criminal conspiracy, cheating, and breach of trust, along with sections of the IT Act. The investigation is ongoing.
