IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Hive ransomware group claims cyber attack on India’s Tata Power

The Indian energy company reported last week that its IT systems were down, with customers reporting difficulties in paying their bills

The Hive ransomware group has claimed an attack on Tata Power, a leading Indian energy company, and encrypted its systems with ransomware.

Hive claimed to have encrypted the systems of the electric utility subsidiary of Tata Group on 3 October at around 7 pm, disclosing the attack on 24 October in a post on its leak site.

The dumped sample of files includes employment contracts, supplier contracts, 'master' files on various employees, documents detailing senior executives' remuneration packages, and more.

This comes after Tata Power declared on 14 October in a stock exchange filing it had suffered a cyber attack on its IT infrastructure, impacting some of its IT systems. The company said it had taken steps to retrieve and restore the systems, without revealing what kind of attack it was or who it was carried out by.

“All critical operational systems are functioning; however, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer-facing portals and touch points,” the company said at the time.

A number of Tata Power customers have reported difficulties paying their energy bills on Twitter, with some stating that they have been disconnected from the service for not being able to complete the payment. Some also reported that they made the payment but were still receiving calls that their bill hadn’t been paid.

IT Pro has contacted Tata Power for comment.

Hive is one of the most successful ransomware organisations currently in operation and is run in a similarly 'professional' fashion as other high-profile gangs of past and present, such as REvil and LockBit.

Once infected, victims are taken to a bespoke portal where there are agents working for Hive that guide victims through the ransom payment process via live chat functionality.

Hive is known for its aggressive and unsympathetic approach to negotiating ransom payments and has been observed using tactics such as triple extortion - a method becoming increasingly popular among the most well-resourced groups.

Related Resource

Facilitating Fintech

Reducing the risk of potential data interception among fintech solutions

Whitepaper cover with title and purple and yellow circular graphics, including cartoon of man's faceFree Download

The attack on Tata Power is the latest in a series of attacks carried out by the ransomware organisation. In September, it claimed an attack on the New York Racing Association (NYRA). The NYRA reported the attack on 30 June, after learning that its IT operations, website availability, and member data were compromised.

A few days before this, the group claimed responsibility for a data breach at Bell Canada subsidiary Bell Technical Solutions (BTS). The breach exposed personally identifiable information of its Ontario and Québec-based customers, and compromised and encrypted BTS’s systems.

Featured Resources

AI for customer service

IBM Watson Assistant solves customer problems the first time

View now

Solve cyber resilience challenges with storage solutions

Fundamental capabilities of cyber-resilient IT infrastructure

Free Download

IBM FlashSystem 5000 and 5200 for mid-market enterprises

Manage rapid data growth within limited IT budgets

Free download

Leverage automated APM to accelerate CI/CD and boost application performance

Constant change to meet fast-evolving application functionality

Free Download

Recommended

Japan considers creating new cyber defence agency as attacks ramp up in region
cyber attacks

Japan considers creating new cyber defence agency as attacks ramp up in region

24 Nov 2022
UK follows EU in securing data deal with South Korea
Policy & legislation

UK follows EU in securing data deal with South Korea

23 Nov 2022
Inside Singapore’s mission to infuse itself with technology
digital transformation

Inside Singapore’s mission to infuse itself with technology

23 Nov 2022
India’s new data protection bill continues to “facilitate state surveillance”
Policy & legislation

India’s new data protection bill continues to “facilitate state surveillance”

21 Nov 2022

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

14 Nov 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022
Google rolls out patch for high-severity Chrome browser zero day
zero-day exploit

Google rolls out patch for high-severity Chrome browser zero day

25 Nov 2022