French telecom giant Altice has reportedly been hit by a ransomware attack by the Hive hacker group.
The website RedPacket Security, which produces reports based on data scraped from the dark web, lists Altice as having been subject to a Hive ransomware attack on 9th August, with disclosure of the attack coming through on 25th August.
It's currently unclear how large the attack was, or what data may have been affected, but RedPacket's listing states that files are currently available to download through the Tor browser.
RELATED RESOURCE
An EDR buyer's guide
How to pick the best endpoint detection and response solution for your business
Altice is the second largest telecommunications company in France, behind Orange. Headquartered in the Netherlands, it serves millions of customers in Western Europe, Israel and the Caribbean.
The company formerly operated a US subsidiary, but after going public in 2017 this was spun off into Altice USA, a separately managed company that is still headed by Altice founder and chairman Patrick Drahi.
In 2021, Altice acquired a 12.1% stake in BT under direction by Drahi. This was increased to an 18% stake in December 2021, bringing the company’s total state in BT up to 18% and making it the largest BT shareholder. In response, the government announced in May that it would investigate the acquisition of shares for the benefit of national security.
However, just days ago the government stated in a press release that “no further action” would be taken on the acquisition of the shares, and consequently Altice will retain its large hold on BT for the foreseeable future.
Hive was first identified as a ransomware group in June 2021, and since has been used in attacks such those made recently against Costa Rican health providers.
In July, Microsoft warned that Hive’s threat actors had developed a more sophisticated variant of the ransomware written in the coding language Rust, with increased efficiency at encrypting the files of victims and containing parameters that are harder to identify and remedy in infected systems.
Ransomware attacks are on the rise, with one in 40 organisations now hit by threat actors and providers of critical infrastructure at increasing risk
IT Pro has approached Altice for comment. This article will be updated as more information becomes available.
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
-
A notorious hacker group is ramping up cloud-based ransomware attacksNews The Storm-0501 threat group is refining its tactics, according to Microsoft, shifting away from traditional endpoint-based attacks and toward cloud-based ransomware.
-
Security researchers have just identified what could be the first ‘AI-powered’ ransomware strain – and it uses OpenAI’s gpt-oss-20b modelNews Using OpenAI's gpt-oss:20b model, ‘PromptLock’ generates malicious Lua scripts via the Ollama API.
-
Data I/O shuts down systems in wake of ransomware attack
News Regulatory filings by Data I/O suggest the costs of dealing with the attack could be significant
-
Average ransom payment doubles in a single quarterNews Targeted social engineering and data exfiltration have become the biggest tactics as three major ransomware groups dominate
-
BlackSuit ransomware gang taken down in latest law enforcement sting – but members have already formed a new groupNews The notorious gang has seen its servers taken down and bitcoin seized, but may have morphed into a new group called Chaos
