Hive Group Claims Responsibility for Hacking Tata Power

The Hive ransomware group has claimed responsibility for a cyberattack on one of the largest energy companies in India, Tata Power Company Limited.

Media outlets are reporting that Hive’s operators have begun releasing data allegedly stolen from the company as buyout talks apparently failed.

Reference: Tata Power, a subsidiary of the multinational conglomerate Tata Group, is India’s largest integrated energy company based in Mumbai.

Let me remind you that the hacking of Tata Power Company Limited became known last week. In a statement filed by the company with the National Stock Exchange of India, it was reported that the incident affected only “some of the IT systems.”

The Company has taken steps to retrieve and restore the systems. All critical operational systems are functioning; however, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer facing portals and touch points.stated Tata Power's filing, signed by company secretary H.M. Mistry at the time.

According to Bleeping Computer, the Hive ransomware operators have begun publishing Tata Power data on their “leak site.” The hackers claim to have attacked the company on October 3rd.

Hive and Tata Power

Indian security researcher Rakesh Krishnan shared screenshots of stolen data with journalists, which contain personal information of Tata Power employees, Aadhar national card numbers, PAN tax account numbers, salary data and so on.

In addition, it is reported that the data dump contains design drawings, financial and banking documents, as well as information about the company’s customers.

Hive and Tata Power

Journalists note that extortion groups usually start publishing or selling stolen data if the affected company refuses to pay the ransom and negotiations fail.

The Hive group is known for the use of a diverse array of tactics, methods, and procedures, making it difficult for organizations to defend against its attacks, as the FBI has previously said. In September of this year, cybercriminals from the group claimed to be behind ransomware attacks on the New York Racing Association, a subsidiary of Bell Canada, and a New York-based provider of emergency response and ambulance services.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button