A ransomware gang called Hunters International has claimed responsibility for the ransomware attack on Indian tech firm Tata Technologies. The group has listed the company on its dark web leak site and adds that they stole over 730,000 files amounting to nearly 1.4 TB of data, threatening to leak to the public within the next six days.
Tata technologies was hacked in late January 2025 which affected some of its IT services. Tata acknowledged the ransomware attack, adding that affected systems were restored. Experts were also called in to investigate the incident and assess the root cause, but no information on ransom discussions was disclosed at the time.
Hunters International’s threat to leak stolen data is the usual route ransomware gangs take when either ransom negotiations break down or the victim refuses to pay the ransom. No link between the January attack and this data has been found yet. Neither the group nor Tata has disclosed any information on the intruders’ demands.
The Hunters International ransomware group succeeded the Hive ransomware group after it was taken down by law enforcement. Hunters adapted Hive’s tools and techniques to attack newer, more protected targets. They’ve been a financially motivated group operating under a ransomware-as-a-service model since at least late 2023, so targeting Tata for extortion is the usual modus operandi one would expect from cyber criminals. Hunters International has also targeted the automotive, financial, food, manufacturing, and healthcare sectors before.
This is the first time Hunters International has claimed an attack on an Indian company. The group typically targets companies based in the US, Japan, UK, Europe, Brazil, Canada, and New Zealand. Interestingly, Tata’s power division was previously attacked by the Hive ransomware gang as well in October 2022.
In the News: DoT warns against illegal procurement and tampering of SIM cards
