[ad_1]
The Hive ransomware-as-a-service (RaaS) group has claimed accountability for a cyber assault in opposition to Tata Power that was disclosed by the corporate lower than two weeks in the past.
The incident is claimed to have occurred on October 3, 2022. The risk actor has additionally been noticed leaking stolen information exfiltrated previous to encrypting the community as a part of its double extortion scheme.
This allegedly contains signed consumer contracts, settlement paperwork, in addition to different delicate info corresponding to emails, addresses, telephone numbers, passport numbers, taxpayer information, amongst others.
The Mumbai-based agency, which is India’s largest built-in energy firm, is a part of the Tata Group conglomerate.
Tata Power had beforehand disclosed in a submitting with the National Stock Exchange (NSE) of India that an intrusion on the corporate’s IT infrastructure impacted “a few of its IT methods.”
According to additional particulars shared by safety researcher Rakesh Krishnan, the leak incorporates personally identifiable info (PII), together with Aadhaar identification numbers, everlasting account numbers (PAN), drivers’ license, wage specifics, and engineering drawings.
The newest growth can be indicative of the truth that Tata Power doubtless refused to pay a ransom, prompting the cybercrime gang to publish the siphoned information on its HiveLeaks darkish net portal.
According to statistics printed by Digital Shadows and Intel 471, Hive was the third-most prevalent ransomware household noticed in Q3 2022, coming solely behind LockBit 3.0 and Black Basta and surpassing the likes of AvosLocker, BlackByte, BlackCat, and Vice Society.