A ransomware gang has claimed responsibility for an attack on Indian engineering firm Tata Technologies, threatening to leak 1.4 terabytes of data allegedly stolen from the company.
The data appears to have been stolen in an incident that the subsidiary of Tata Motors disclosed in a regulatory filing with the Indian National Stock Exchange at the end of January.
“The company has become aware of a ransomware incident that has affected a few of our IT assets. As a precautionary measure, some of the IT services were suspended temporarily and have now been restored,” Tata said (PDF) at the time.
The company also said it had retained experts to investigate the incident and assess its root cause, but has shared no further updates on the matter.
This week, however, the incident resurfaced after the notorious ransomware group known as Hunters International added Tata to their Tor-based leak site, claiming to have stolen over 730,000 files and threatening to make all the data public within the next six days.
It is unclear what the group’s demands are and whether the data was indeed stolen in the previously disclosed incident. SecurityWeek has emailed Tata for additional information on the matter and will update this article as soon as a reply arrives.
Hunters International is a financially-motivated group operating under the ransomware-as-a-service (RaaS) business model since late 2023. It took over and adapted the tools and techniques employed by the Hive ransomware gang, which was disrupted by law enforcement.
Since its inception, Hunters International was seen targeting organizations across multiple sectors, including automotive, financial, food, healthcare, and manufacturing.
Related: Vulnerable Paragon Driver Exploited in Ransomware Attacks
Related: Ransomware Group Takes Credit for Lee Enterprises Attack
Related: New Anubis Ransomware Could Pose Major Threat to Organizations
Related: CISA, FBI Warn of China-Linked Ghost Ransomware Attacks