On Tuesday 25th of October 2022, the Hive ransomware group claimed responsibility for a cyber attack that was disclosed on Friday 14th of October 2022 by a subsidiary of the multinational conglomerate Tata Group, Tata Power. They stated that they encrypted Tata Power’s data on Monday 3rd of October 2022.
It is believed that the ransom negotiations failed as Hive ransomware operators have posted data they claim to have stolen from Tata Power. Based on the screenshots of the stolen data, it appears that the data include Tata Power employees’ personally identifiable information, National ID card numbers, PAN numbers, salary information, etc. Additionally, the data dump contains engineering drawings, financial and banking records as well as client information.
Tata Power has claimed they have taken steps to retrieve and restore the systems and that all critical operational systems are functioning.