Major Indian energy firm Tata Power has been hit with a cyberattack earlier this month, which has since been claimed by the Hive ransomware gang, with the ransomware group commencing stolen data leaks, TechCrunch reports.
While Tata Power confirmed having some of its systems compromised by a cyberattack on Oct. 14, Hive ransomware claimed in its listing of the company on its leak site that Tata Power's data has been encrypted on Oct. 3, indicating that the breach may have already been known two weeks before Tata Power's initial disclosure.
Examination of the listing showed that data stolen from Tata Power included sensitive employee data, financial and banking records, engineering drawings, certain private keys, and client records.
"The leak has sensitive data but nothing that affects power grids," said CloudSEK co-founder and CEO Rahul Sasi. Hive ransomware's attack on Tata Power follows recent attacks against the New York Racing Association and Bell Technical Solutions.
BleepingComputer reports that Knight ransomware was observed by KELA threat analysts to have the third iteration of its source code posted for sale by the operation's representative, Cyclops, on RAMP forums.