Major Indian tech firm Tata Technologies has confirmed it suffered a ransomware attack that forced it to take a number of its IT systems offline.
A subsidiary of major automobile manufacturer Tata Motors, Tata Technologies provides engineering and digital services to a range of manufacturers in the automotive, aerospace, and industrial machinery industries.
In an official statement provided to the Indian Stock Exchange on 31 January 2025, the company said the attack affected “a few of our IT assets”, forcing it to temporarily suspend some of its services as a precautionary measure.
The statement added that these services have now been restored, and Tata Technologies’ client delivery services were unaffected and remained fully functional throughout.
“Further detailed investigation is underway in consultation with experts to assess the root cause and to take remedial action as necessary. We remain committed to the highest standards of security and data protection and are taking all necessary steps to mitigate any potential risks”, the statement concluded.
Further details including the identity of the threat actors responsible – or the means by which they achieved access to some of Tata Technologies’ IT assets and corporate network – were not included in the filing.
Ransomware attacks targeting India spiked 55% in 2024
Ransomware attacks targeting India-based companies appear to be on the rise, according to data collected by CyberPeace.
Research from the security firm identified 98 ransomware incidents impacting various sectors in India, which represents a 55% increase compared to the 63 attacks recorded in 2023.
“This surge highlights a concerning trend, as ransomware groups continue to target India's critical sectors due to its growing digital infrastructure and economic prominence,” CyberPeace warned.
Trend Micro’s 2024 Midyear Cybersecurity Threat Report found India ranked tenth overall and sixth in Asia for ransomware threats, accounting for 5% of all ransomware incidents in Asia and just under 3% globally.
In one case, Comtel, a data center operator hosting critical infrastructure for a number of brokerage firms in India, was hit with a ransomware attack in December 2024 that resulted in a temporary suspension of the affected stock brokers by two of India's leading exchanges.
RELATED WHITEPAPER
The finance sector accounted for 10% of the incidents recorded in 2024, CyberPeace found, but the industrial sector was by far the most frequently targeted industry in India, accounting of 75% of total incidents.
The Tata conglomerate has been the victim of previous ransomware activity in recent years. In October 2022, the Hive ransomware group claimed responsibility for an attack on Tata Power, locking down its IT systems and exfiltrating sensitive information.
A sample of the stolen information posted to the group’s leaksite included contracts with suppliers and employees, ‘master’ files on several employees, and details of senior executives’ remuneration packages.
-
M&S suspends online sales as 'cyber incident' continuesNews Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
-
Manners cost nothing, unless you’re using ChatGPTOpinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
-
Ransomware attacks are rising — but quiet payouts could mean there's more than actually reportedNews Ransomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.
-
Simplifying Password Management eBookWhitepaper
-
Living off the Land eBookWhitepaper
-
The Public Sector's Guide to Privilege and Password ManagementWhitepaper
-
Zero Standing Privilege: Automating Cybersecurity Without Disrupting ProductivityWhitepaper
-
Cleo attack victim list grows as Hertz confirms customer data stolen – and security experts say it won't be the lastNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
‘Phishing kits are a force multiplier': Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackersNews Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Cyber attacks against UK firms dropped by 10% last year, but experts say don't get complacentNews More than four-in-ten UK businesses were hit by a cyber attack last year, marking a decrease on the year prior – but security experts have warned enterprises to still remain vigilant.
