{"id":61567,"date":"2022-10-31T03:38:00","date_gmt":"2022-10-31T07:38:00","guid":{"rendered":"http:\/\/blog.cybercon1.com\/?p=61567"},"modified":"2022-10-31T03:38:00","modified_gmt":"2022-10-31T07:38:00","slug":"hive-claims-ransomware-attack-on-tata-power-begins-leaking-data","status":"publish","type":"post","link":"https:\/\/blog.cyberconservices.com\/index.php\/2022\/10\/31\/hive-claims-ransomware-attack-on-tata-power-begins-leaking-data\/","title":{"rendered":"Hive claims ransomware attack on Tata Power, begins leaking data"},"content":{"rendered":"\n<p>Another researcher&nbsp;Rakesh Krishnan&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/twitter.com\/RakeshKrish12\/status\/1584804516398264321\" target=\"_blank\">shared screenshots<\/a>&nbsp;of the stolen data\u2014which appears to include Tata Power&nbsp;employees&#8217; personally identifiable information (PII), National ID (Aadhar) card numbers, PAN (tax account) numbers, salary information, etc.<\/p>\n\n\n\n<p>Additionally, the data dump contains engineering drawings, financial and banking records as well as client information, suggests&nbsp;Krishnan.<\/p>\n\n\n\n<p>Hive operators claim that they encrypted Tata Power&#8217;s data on October 3rd.&nbsp;<\/p>\n\n\n\n<p>On Friday, October 14th, Tata Power disclosed a cyber attack on its &#8220;IT infrastructure impacting some of its IT systems&#8221; in a&nbsp;<a href=\"https:\/\/archives.nseindia.com\/corporate\/TATAPOWER_14102022190039_SELetter.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">stock filing<\/a>&nbsp;without sharing&nbsp;additional information&nbsp;with regard to the whereabouts of the threat actor.<\/p>\n\n\n\n<p>&#8220;The Company has taken steps to retrieve and restore the systems. All critical operational systems are functioning; however, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer facing portals and touch points,&#8221; stated&nbsp;Tata Power&#8217;s filing, signed by company secretary H.M. Mistry at the time.<\/p>\n\n\n\n<p>Threat actors like extortion and ransomware groups typically begin leaking or selling data stolen from&nbsp;breaching their targets should the target refuse to pay their ransom demand and subsequent&nbsp;negotiations&nbsp;fail.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hive-claims-ransomware-attack-on-tata-power-begins-leaking-data\/\" target=\"_blank\" rel=\"noreferrer noopener\">Read On:<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Another researcher&nbsp;Rakesh Krishnan&nbsp;shared screenshots&nbsp;of the stolen data\u2014which appears to include Tata Power&nbsp;employees&#8217; personally identifiable information (PII), National ID (Aadhar) card numbers, PAN (tax account) numbers, salary information, etc. Additionally, the data dump contains engineering drawings, financial and banking records as <span class=\"excerpt-dots\">&hellip;<\/span> <a class=\"more-link\" href=\"https:\/\/blog.cyberconservices.com\/index.php\/2022\/10\/31\/hive-claims-ransomware-attack-on-tata-power-begins-leaking-data\/\"><span class=\"more-msg\">Continue reading &rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":61568,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[636],"tags":[637],"class_list":["post-61567","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ransomware","tag-ransomware"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/posts\/61567","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/comments?post=61567"}],"version-history":[{"count":0,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/posts\/61567\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/media?parent=61567"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/categories?post=61567"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/tags?post=61567"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}