Tata Technologies Data Breach: Ransomware Attack Confirmed

Data Breach at Tata Technologies: Hunters International Releases Stolen Information

A cybercriminal organization known as Hunters International has released a portion of the data they allege was obtained from Tata Technologies. This disclosure occurred just over a month following Tata Technologies’ confirmation of a ransomware attack that led to temporary service interruptions.

Details of the Leaked Data

The compromised data, accessible on the group’s dark web leak site – reviewed by TechCrunch – contains sensitive personal information pertaining to both current and former Tata Technologies personnel. Furthermore, the leak includes proprietary data such as purchase orders and contractual agreements with clients located in India and the United States.

According to the ransomware group, the dataset comprises more than 730,000 documents. These files encompass various formats, including Excel spreadsheets, PowerPoint presentations, and PDF documents, with a total size of approximately 1.4 terabytes.

Initial Attack Disclosure

Tata Technologies initially reported a ransomware incident to Indian stock exchanges in late January. The company stated that the attack impacted “a limited number” of its IT systems. At that time, Tata Technologies asserted that its client-facing services remained operational and unaffected.

The connection between the data released by Hunters International and the previously disclosed attack remains unconfirmed. Repeated attempts by TechCrunch to obtain a statement from Tata Technologies have, as yet, been unsuccessful.

Background on Tata Technologies

Established in 1989 as an automotive division of Tata Motors, Tata Technologies became an independent entity in 1994. Since then, it has functioned as a subsidiary of the larger Tata Group conglomerate.

The company specializes in providing product engineering and research and development services. Its clientele spans the automotive, aerospace, and general engineering sectors across 27 nations. Tata Technologies maintains 20 delivery centers and employs over 12,500 individuals, according to its official website.

Hunters International: A Rising Threat

Hunters International emerged in late 2023 as a relatively new ransomware-as-a-service (RaaS) operation. This model involves leasing malicious infrastructure to affiliated hackers who then execute ransomware attacks, with Hunters International receiving a percentage of any ransom payments.

Potential Links to Previous Attacks

There appear to be potential connections between Hunters International and the Hive ransomware group, which was significantly disrupted by law enforcement in 2023. Notably, the Hive gang previously leaked data stolen from another Tata Group company, Tata Power, back in 2022.

Here's a summary of key information: