Hive ransomware gang leaks information stolen throughout Tata Energy cyberattack • TechCrunch

The Hive ransomware group has claimed duty for the latest cyberattack on Tata Energy, a number one Indian power firm, and has began leaking stolen worker information.

Tata Energy, which serves greater than 12 million prospects by way of its distributors, confirmed on October 14 that it had been hit by a cyberattack that impacted a few of its IT methods. “The corporate has taken steps to retrieve and restore the methods. All crucial operational methods are functioning,” Tata Energy stated on the time, however didn’t verify any particular particulars in regards to the assault and its impression on the time.

Hive, the ransomware gang that not too long ago hit the Costa Rican authorities, this week listed Tata Energy on its darkish net leak website, which it makes use of to publicize assaults and stolen information. The group claims it encrypted the corporate’s information on October 3, suggesting Tata Energy might have recognized in regards to the breach two weeks previous to its preliminary submitting, in response to the itemizing, which TechCrunch has seen.

The itemizing of stolen information suggests any negotiations to pay a ransom failed. This information, reviewed by TechCrunch, contains delicate worker info, reminiscent of Aadhaar nationwide id card numbers, tax account numbers, wage info, house addresses, and telephone numbers. The leaked information, which was posted to Hive’s darkish net leak website on October 24, additionally contains engineering drawings, monetary and banking information, consumer information and a few personal keys.

“The leak has delicate information however nothing that impacts energy grids,” Rahul Sasi, co-founder and CEO of menace intelligence agency CloudSEK, who additionally reviewed the leaked information, instructed TechCrunch. Sasi stated that the group’s motivation seems to be purely monetary.

TechCrunch contacted Tata Energy however had not obtained a response on the time of publication.

The Hive ransomware gang has been energetic since mid-2021. The gang and its associates began focusing on organizations that skilled excessive downtime prices, reminiscent of healthcare suppliers, power suppliers, and retailers. The group is thought for its aggressive ways and has been noticed utilizing strategies reminiscent of “triple extortion,” whereby the attackers search cash not solely from the group that was first focused but additionally from anybody who may be impacted by the disclosure of that group’s information.

The assault on Tata Energy is the newest in a collection of assaults carried out by Hive. Final month, the group claimed an assault on the New York Racing Affiliation just some days after leaking information stolen from Bell Canada-owned subsidiary Bell Technical Options.