InfoSecBulletin Cybersecurity for mankind
Amazon Web Services (AWS) has been named in an FIR after a builder claimed damages to the tune of Rs 150 crore over the loss of data stored with the cloud-service platform.
The FIR was filed by the CCB’s Cyber Crime Police Station on February 11 following a complaint by Sridhar Rajendran from M/s Adarsh Developers.
AWS SNS misused for Data Exfiltration and Phishing
Researcher found non protected database form ESHYFT containig 86000 records
CVE-2024-55591 and CVE-2025-24472
New SuperBlack ransomware exploits Fortinet flaws
CVE-2025-25291 & CVE-2025-25292
Attention! GitLab Patched Critical Authentication Bypass Flaws
CVE-2025-20138
Cisco released High Security Alert for IOS XR Software
400+ IPs Exploiting Multiple SSRF Vulnerabilities
NVIDIA has released update for NVIDIA Riva
CVE-2025-24201
Apple fixes 0-day exploited in “extremely sophisticated attack”
Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws
Ballista Botnet infects 6000 Unpatched TP-Link Routers
According to Rajendran’s complaint, a copy of which was reviewed by DH, the firm has been developing residential, commercial and hospitality projects across Bengaluru for 36 years.
Rajendran said they used “SAP ERP stored with Amazon Cloud Services” to store their financial data as well as the customers’ personal data.
“In May 2023, Saidalawi Safan, a business development representative from AWS, contacted the firm and insisted on using their cloud storage servers to ensure retrieval of data even in the events of cyber terrorism or act of sabotage or other events like lightning, earthquake, cyclone, flood, storms, etc,” Rajendran said as per the FIR.
“Believing such assurance, in December 2023, the company procured cloud storage facilities with AWS through SAP implementation partner M/S SAVIC Technologies Pvt Ltd, Mumbai. The work order was issued to them to shift the company’s data from the earlier cloud storage facility to the AWS and also to maintain the data securely for three years until November 2027. The payment was agreed for Rs 88,59,924, including GST, Rajendran added.
On January 9, the implementation partner allegedly informed the builder that “due to the actions of a few individuals at Redington and AWS teams, there has been a data loss”.
“(We were) further told that employees at Redington Group have entered into our storage area at the root level and deleted our account completely. This event has resulted in the loss of over six years of business data causing substantial financial and operational loss to the company.
“The deletion of SAP S/4HANA (a business suite used to manage data) has brought the business functions/operations to a complete halt and the vital financial records, supply chain data, customer information, and operational insights accumulated over years are now inaccessible,” as per the complaint.
The value of the data loss is around Rs 150 crore, Rajendran claimed, as the company was unable to collect payments from customers, unable to pay statutory taxes and complete interest payments to lenders, “which caused approximately a loss of Rs 5 crore per day from January 9”.
“AWS India replied, stating that despite their best efforts, they are unable to retrieve the data and restore it. Hence, take necessary legal action against the culprits,” Rajendran told the police.
Apart from AWS, the FIR, filed under the Bharatiya Nyaya Sanhita (BNS) and Information Technology Act, named Redington Group. A probe has been initiated, confirmed senior officers refusing to comment further.
In an email response to DH, a spokesperson for AWS termed the claims as false.
“AWS operated as designed and is not responsible for the deletion of Adarsh Developers’ data,” the spokesperson said.
Source: DH, The420.in
“The claims against AWS in a recent news report are false. AWS operated as designed and is not responsible for the deletion of Adarsh Developers’ data.” – AWS spokesperson told infosecbulletin through mail.
