HQ/EMEAFind out how we can help your business
HTC Global Services, one of the leading IT services and business consulting companies worldwide, has fallen victim to a cyberattack by the notorious BlackCat ransomware group.
While HTC Global Services has not issued an official statement regarding the cyberattack on its website, a brief announcement was made on the company’s X account earlier this week. The Twitter post acknowledged the cybersecurity incident and assured users that the company has already deployed a dedicated team to investigate and address the situation to protect the security and integrity of its user data.
BlackCat included HTC Global Services on its data leak website.
HTC Global Services has confirmed the cyberattack after the ALPHV (BlackCat) ransomware group included them on the data leak website. The cybercriminal published screenshots of the alleged stolen data, including passports, contact lists, emails, and confidential documents.
In addition, some researchers believe that the threat actors have acquired access to the affected entity through the Citrix Bleed vulnerability. On the other hand, the CareTech business unit within HTC operated a vulnerable Citrix Netscaler device, which could be the entry point of the threat actors to the company’s network. However, HTC has yet to confirm these suspicions despite the attempts to seek clarification from HTC Global Services regarding using Citrix Bleed.
Known for consistently targeting global enterprises, the BlackCat ransomware group has continued to evolve and improve its TTPs, recently collaborating with English-speaking threat actors to launch extortion attacks.
In one incident, a group of alleged English-speaking affiliates of the ALPHV, identified as Scattered Spider, claimed responsibility for the attack on MGM Resorts, revealing that they had encrypted over 100 ESXi hypervisors during the assault. These attacks show how threatening the BlackCat is turning out to be as it improves its capabilities while expanding its influence.
As HTC Global Services addresses the result of the cyberattack, the incident shows the escalating threats posed by ransomware groups. Therefore, organisations should bolster their cybersecurity measures to protect sensitive information.
The ongoing investigation into the HTC breach will likely reveal more details on the specifics of the attack and the measures needed to prevent future incidents.
