Ransomware Attack on Tata Technologies

A ransomware group known as Hunters International has released some of the data it claims to have stolen from Tata Technologies, approximately one month after the Indian company confirmed a ransomware attack that led to the suspension of certain services.

The leaked data, which has been viewed by TechCrunch and is available on the gang’s dark web leak site, includes personal details of current and former employees of Tata Technologies, as well as confidential information such as purchase orders and the company’s contracts with clients in India and the United States.

According to the ransomware gang, the data set comprises over 730,000 documents, including Excel spreadsheets, PowerPoint presentations, and PDF files, with a cumulative size of approximately 1.4 terabytes.

In late January, Tata Technologies informed Indian stock exchanges about a ransomware attack that affected certain IT assets, although the company stated that its client services “remained fully functional and unaffected throughout.”

It is unclear whether the data uploaded by Hunters International is related to the previously disclosed ransomware attack. Despite multiple attempts by TechCrunch to contact them, representatives for Tata have not provided any comment on the matter.

Tata Technologies, founded in 1989 as a unit of Tata Motors and spun off as a separate entity in 1994, operates as a subsidiary of the Indian conglomerate Tata Group. The company provides product engineering and research and development services to automotive, aerospace equipment makers, and engineering companies across 27 countries.

With 20 delivery centers and over 12,500 employees, as per its website, Tata Technologies is a significant player in the industry. The company’s services cater to a diverse range of clients, including those in the automotive and aerospace sectors.

Hunters International, a relatively new ransomware-as-a-service group, emerged in late 2023. The group operates by leasing out its infrastructure to affiliate hackers who carry out ransomware attacks, with Hunters International taking a cut of the proceeds from ransom payments.

Hunters International appears to have links with the Hive ransomware gang, which was largely disrupted by law enforcement agencies in 2023. Notably, the Hive gang leaked data stolen from another Tata Group company, Tata Power, in 2022.