Hive Ransomware group has claimed the responsibility for the recent cyberattack on Tata Power, which targeted the utility company’s IT infrastructure.
The ransomware-as-a-service (RaaS) group has taken responsibility of the cyber incident that was reported by Tata Power on Oct. 14, 2022.
In the Oct. 14 announcement, Tata Power had said that the cyberattack impacted some its IT systems. But the company did not elaborate on the specific systems that were impacted by the cyber incident. Critical systems were unharmed, according to the company.
“[..] as measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer facing portals and touch points”, Tata Power had said in its update to BSE and NSE on Oct. 14.
Mumbai-based Tata Power is India’s largest integrated power company and is part of the Tata Group.
In screenshots seen by BleepingComputer, Hive operators have posted data they claim to have stolen from Tata Power, indicating that the ransom negotiations failed.
The group has apparently disclosed Tata Power employee-related data including emails, addresses, passports, phone numbers, payments, working hours, taxpayer info and more.
“While the attack against Tata Power is noteworthy, it doesn’t appear that the ransomware attack itself hinged on affecting any power grids. For groups like Hive and its affiliates, it is ultimately about leverage, which is why ransomware has evolved over the last several years to incorporate a technique known as double extortion, where groups will not only encrypt files across the systems of a victim, they’ll also steal data and threaten to leak it on the dark web,” explained Satnam Narang, Sr. Staff Research Engineer, Tenable
In September, Hive Ransomware group had claimed to be the perpetrators of ransomware attacks on New York Racing Association, a Bell Canada subsidiary, as well as a New York-based emergency response and ambulance service provider.
Earlier this year, the issue of cyberattacks increasingly targeting power grids in the country was addressed by Union Power Minister RK Singh. He had said that the country’s power network will soon receive an upgrade to be more “future-ready” and protect itself from cyberattacks.