Hive ransomware group claimed the attack on an Indian power firm

October 26, 2022

Following the recent cyberattack on a leading Indian power generation company, our threat researchers at iZOOlogic found that the Hive ransomware group has listed the firm’s name on its leak site, claiming the attack.

The affected power company first announced the breach of its networks on October 14, stating that unauthorised entities had accessed its IT systems, which caused it to take its customer-facing portals offline for the time being.

The company has not shared the nature and full scope of the attack, including which threat group attacked it and whether any files were stolen. However, recent discoveries reveal that the prolific Hive ransomware group has claimed the cyberattack by adding the Indian power company to the list of victimised companies on its leak site.

Employee-related data is among the data stolen from the Indian power company, as claimed by the Hive ransomware group.

According to the threat group’s post on its leak site, which appears alongside the power company’s description and revenue information, a large amount of employee-related data was compromised, such as email addresses, passport details, phone numbers, pay details, working hours, taxpayer information, and more. Signed contracts, NDAs, other agreement documents, bank accounts, and October balance details were also exposed.

First found by researchers in June 2021, the Hive ransomware group targets the energy, healthcare, education, media, and financial sectors. As of July 2022, the threat group has become one of the most active and notorious ransomware groups, allying with other traditional ransomware groups within the threat landscape.

Like other ransomware operations, once Hive has successfully infiltrated a victim’s network, it begins collecting data and encrypting important files. A ransom note is left in a dedicated directory on the victim’s computer, providing instructions on contacting the group to obtain the decryption key for the compromised files.

The threat group’s attack campaigns have victimised large organisations worldwide, including Europe’s MediaMarkt and Emil Frey, Indonesia’s Perusahaan Gas Negara, and US-based healthcare firms Partnership HealthPlan and Memorial Healthcare System, among others.

Our iZOOlogic research team will share updates about this news once further details are provided.
