The (Raas) ransomware-as-a-service Hive has claimed responsibility for a cyber attack against Tata Power that was disclosed a few weeks ago. The incident is said to have occurred on October 3, 2022. As per the screenshots seen by Bleeping Computer, Hive operators have posted data that was stolen from the servers of India’s leading integrated conglomerate Tata Power. It has also been observed that the data was exfiltrated prior to encryption as it was a part of their double extortion scheme.
This consisted of signed client contracts, agreements, documents, and several other sensitive information such as emails, contacts, phone numbers, passport numbers, and taxpayer data among others. The Mumbai-based firm has been one of the biggest parts of the leading power company of the Tata Group Conglomerate. Tata Power had previously disclosed in a filing with the National Stock Exchange (NSE) of India about the intrusion of the company's IT infrastructure and that it did have an impact on “some of its IT systems.”
As per the further details shared by a security researcher, Rakesh Krishnan who shared the screenshots of the leak which contains Tata Power’s employee personally identifiable information (PII), National ID (Aadhar ) card numbers, and PAN (tax account) numbers, salary information and other details, the leak has reportedly affected several of Tata’s 12 million customers.
As per the latest developments, it has been an inductive fact that Tata Power has likely refused to pay a ransom, prompting the cybercrime gang to publish the siphoned data on its dark web portal. On October 14, Tata Power disclosed its cyber attack on its "IT infrastructure impacting some of its IT systems" through a stock filing without sharing any additional information about the same and the whereabouts of the threat factor.
"The Company has taken steps to retrieve and restore the systems. All critical operational systems are functioning; however, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer-facing portals and touchpoints," said the stock filing signed by the company secretary H.M.Mistry.
© Vygr Media Private Limited 2022. All Rights Reserved.