Tata power cyber attack

India’s Tata Power on Friday revealed that it faced a The power company, however, said that all its critical operational systems are functioning normally. Tata Power did not reveal its cyber security partners. Tata Power Company said some of its IT systems were impacted by the cyber attack. The company has taken steps to retrieve and restore the systems. All critical operational systems are functioning, Tata Power said in a BSE filing. However, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer facing portals and touch points, Tata Power said. Last month, Union Power Minister RK Singh said India’s power network will soon be more future-ready and insulated from cyber attacks with the provision of routine inspections and timely action under the Electricity Amendment Bill. Earlier this year, RK Singh informed that there were cyber attacks on the national power grid.

Hive ransomware group has claimed responsibility for the cyberattack on official notice about the cyberattack on October 14, 2022. On October 25, 2022, Hive Ransomware Group posted on their website claiming responsibility for the cyberattack on the Indian power utility company. According to the FBI, the ransomware group gives an initial ransom payment deadline of 2 to 6 days , indicating that the data leak was the result of failed ransomware negotiations. Current situation The leak site post claims that they encrypted Tata Power’s data on October 3, eleven days before the company disclosure. The BSE statement filed by the Moreover, the Hive ransomware leak site claims that they have access to confidential data of the company, such as financial documents, employees’ “After analyzing the data sample leaked by the Hive ransomware group, we found that the leaked data contains highly sensitive information from Tata Power such as employees’ personal and work details, company infrastructure and internal policies, and clients’ data,” said the Amateur What TATA POWER leak contains? PII Employees: Engineering Drawings Financial Records – 20 Bank Records Client Contracts — RAKESH KRISHNAN (@RakeshKrish12) Mode of operation “ “The Hive Hardly two years old, Hive has grown into one of the most prevalent recently discovered its latest variant with several major upgrades. “The upgrades in the latest variant are effectively an overhaul: the most notable changes include a full code migrati...

See more Hive is one of the most successful ransomware organisations currently in operation and is run in a similarly 'professional' fashion as other high-profile gangs of past and present, such as Once infected, victims are taken to a bespoke portal where there are agents working for Hive that guide victims through the ransom payment process via live chat functionality. Hive is known for its aggressive and unsympathetic approach to negotiating ransom payments and has been observed using tactics such as Zach Marzouk is a staff writer for IT Pro, Cloud Pro, and Channel Pro where he writes news articles and in-depth feature pieces primarily focused on Asia Pacific and the US. Aside from covering topics like IT Pro podcast and After studying an undergraduate degree in Arabic and Spanish at the University of Leeds, Zach completed a journalism internship at The Argentina Independent in Buenos Aires where he wrote about the country’s history, politics, and technology. He then joined IT Pro in 2017 where he was introduced to the world of B2B technology as a junior staff writer, before he returned to Argentina in 2018, working in communications and as a copywriter. In 2021, he made his way back to IT Pro as a staff writer during the pandemic. Contact him at [email protected] or find Zach’s thoughts (and more) on Twitter

Organizations have been warned in a joint cybersecurity advisory by the U.S., Canada, Germany, France, Australia, New Zealand, and U.K. cybersecurity authorities regarding the pervasive threat of LockBit ransomware, which was the most distributed ransomware strain worldwide last year, according to The Record, a news site by cybersecurity firm Recorded Future.

• Home • OODA Analysis • News Briefs • Cyber • Technology • Global Risk • Business • Join OODA Loop • About OODA Loop • About OODA Loop • Consulting • Contact • Member Menu • Sign in • Explore OODA Research and Analysis • The OODA Community • OODAcast Video and Podcast Series • OODA C-Suite Report • Cryptocurrency Incident Database The Hive ransomware-as-a-service group has claimed responsibility for a cyberattack that compromised Tata Power. The attack was disclosed by the company on October 14, and likely occurred on October 3. Since the attack, the Mumbai-based power company confirmed that all critical operational systems are functioning again. The leak reportedly affected several of Tata’s 12 million customers, including exposure of personally identifiable information such as national identity card numbers, tax account numbers, salary information, addresses, phone numbers, and more. The ransomware company has leaked the stolen data, indicating that the group may have failed to convince Tata to pay ransom demands. However, even if the negotiation was successful it is possible that Hive released the data anyways. Paying ransomware demands is a risky move that may not always end in recovery of encrypted assets. There is still a chance that the ransomware group will take the payment and leak the data regardless.

Tata Power on Friday admitted it has been hit by a cyber attack on its IT infrastructure. The power company, however, said that all its critical operational systems are functioning normally. “The company has taken steps to retrieve and restore the systems. All critical operational systems are functioning,” Tata Power said in a BSE filing. However, as a measure of abundant precaution, “restricted access and preventive checks have been put in place for employee and customer facing portals and touch points”, it added. “The company will update on the matter going forward,” Tata Power added. Tata Power Company Ltd said some of its IT systems were impacted by the cyber attack. Last month, Union Power Minister R.K. Singh said India’s power network will soon be more future-ready and insulated from cyber attacks with the provision of routine inspections and timely action under the Electricity Amendment Bill. Earlier this year, Singh informed that there were cyber attacks on the national power grid. “These were probing attacks in December, January and February. They did not succeed. But we are aware,” he had said. (The story has been published via a syndicated feed)

Tata Power acknowledged the cyber attack on October 14 in a “The Company has taken steps to retrieve and restore the systems. All critical operational systems are functioning; however, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer-facing portals and touch points,” Tata Power said in the regulatory filing. However, the Hive ransomware gang claimed it encrypted Tata Power on October 3, 2022, nearly two weeks before the company filed the data breach notification. If so, Tata Power risks fines for breaching the Indian Computer Emergency Response Team (CERT-In) regulations that require notification within six hours of discovery. The Mumbai-based company is part of the Tata Group conglomerate serving 12 million customers and is the largest integrated power company in the country. Hive ransomware group begins leaking stolen data Hive ransomware gang listed the Indian electric generating company on its data leak site, suggesting that ransom negotiations had conclusively failed. The ransomware group also began leaking stolen data, including sensitive personal information such as national identity card (Aadhar) numbers, tax IDs (PAN), phone numbers, home addresses, and salary information. The stolen data also included private keys, banking and financial records, client contracts, and engineering drawings. According to cybersecurity researcher Edward Liebig, Global Director of Cyber-Ecosystem at “Let’s fa...

Hive ransomware group has claimed responsibility for the cyberattack on official notice about the cyberattack on October 14, 2022. On October 25, 2022, Hive Ransomware Group posted on their website claiming responsibility for the cyberattack on the Indian power utility company. According to the FBI, the ransomware group gives an initial ransom payment deadline of 2 to 6 days , indicating that the data leak was the result of failed ransomware negotiations. Current situation The leak site post claims that they encrypted Tata Power’s data on October 3, eleven days before the company disclosure. The BSE statement filed by the Moreover, the Hive ransomware leak site claims that they have access to confidential data of the company, such as financial documents, employees’ “After analyzing the data sample leaked by the Hive ransomware group, we found that the leaked data contains highly sensitive information from Tata Power such as employees’ personal and work details, company infrastructure and internal policies, and clients’ data,” said the Amateur What TATA POWER leak contains? PII Employees: Engineering Drawings Financial Records – 20 Bank Records Client Contracts — RAKESH KRISHNAN (@RakeshKrish12) Mode of operation “ “The Hive Hardly two years old, Hive has grown into one of the most prevalent recently discovered its latest variant with several major upgrades. “The upgrades in the latest variant are effectively an overhaul: the most notable changes include a full code migrati...

The Hive Tata Power, which serves more than 12 million customers through its distributors, confirmed on October 14 that it had been hit by a Hive, the ransomware gang that The listing of stolen data suggests any negotiations to pay a ransom failed. This data, reviewed by TechCrunch, includes sensitive employee information, such as Aadhaar national identity card numbers, tax account numbers, salary information, home addresses and phone numbers. The leaked data, which was posted to Hive’s dark web leak site on October 24, also includes engineering drawings, financial and banking records, client records and some private keys. “The leak has sensitive data but nothing that affects power grids,” Rahul Sasi, co-founder and CEO of threat intelligence firm CloudSEK, who also reviewed the leaked data, told TechCrunch. Sasi said that the group’s motivation appears to be purely financial. TechCrunch contacted Tata Power but had not received a response at the time of publication. The Hive ransomware gang has been active since mid-2021. The gang and its affiliates started targeting organizations that experienced high downtime costs, The attack on Tata Power is the latest in a series of attacks carried out by Hive. Last month, the group claimed an attack on the New York Racing Association just a few days after leaking data stolen from Bell Canada-owned subsidiary Bell Technical Solutions.

See more Hive is one of the most successful ransomware organisations currently in operation and is run in a similarly 'professional' fashion as other high-profile gangs of past and present, such as Once infected, victims are taken to a bespoke portal where there are agents working for Hive that guide victims through the ransom payment process via live chat functionality. Hive is known for its aggressive and unsympathetic approach to negotiating ransom payments and has been observed using tactics such as Zach Marzouk is a staff writer for IT Pro, Cloud Pro, and Channel Pro where he writes news articles and in-depth feature pieces primarily focused on Asia Pacific and the US. Aside from covering topics like IT Pro podcast and After studying an undergraduate degree in Arabic and Spanish at the University of Leeds, Zach completed a journalism internship at The Argentina Independent in Buenos Aires where he wrote about the country’s history, politics, and technology. He then joined IT Pro in 2017 where he was introduced to the world of B2B technology as a junior staff writer, before he returned to Argentina in 2018, working in communications and as a copywriter. In 2021, he made his way back to IT Pro as a staff writer during the pandemic. Contact him at [email protected] or find Zach’s thoughts (and more) on Twitter