"Hive Ransomware Gang Starts Leaking Data Allegedly Stolen From Tata Power"

The Hive ransomware gang has begun leaking data after claiming responsibility for the Tata Power data breach. Tata Power, India's largest power generation company, announced on October 14 that it had been the victim of a cyber attack. The company confirmed that the security breach affected some of its information technology systems. The power company immediately began operations to respond to the incident and restore the affected systems. The Hive ransomware gang has now begun leaking the allegedly stolen files on its Tor leak site. The gang claims to have breached the corporate network. Contracts, financial and business documents, engineering projects, and employees' Personally Identifiable Information (PII), including Aadhar card numbers, have all been stolen. The Hive ransomware operation has been active since June 2021. It provides Ransomware-as-a-Service (RaaS) and employs a double-extortion model, threatening victims with the publication of data stolen from them on its leak site called HiveLeaks. The FBI issued a flash alert on the Hive ransomware attacks in April 2021, which included technical details and indicators of compromise associated with the gang's operations. The Hive ransomware is one of the top ten ransomware strains by revenue in 2021, according to a report published by blockchain analytics company Chainalysis. The group used various attack methods, including malspam campaigns, vulnerable Remote Desktop Protocol (RDP) servers, and compromised Virtual Private Network (VPN) credentials. This article continues to discuss the cyberattack faced by Tata Power and how the Hive ransomware gang is claiming responsibility for the attack.

Security Affairs reports "Hive Ransomware Gang Starts Leaking Data Allegedly Stolen From Tata Power"