A ransomware group called Hunters International has published some of the data it claims to have stolen from Tata Technologies, just over a month after the Indian company confirmed a ransomware attack that resulted in the suspension of some services.
The leaked data, published on the gang’s dark web leak site — which TechCrunch has seen — includes personal details about some current and former employees at Tata Technologies, as well as confidential information, including purchase orders and the company’s contracts with customers in India and the United States.
The ransomware gang says the data set includes over 730,000 documents, including Excel spreadsheets, PowerPoint presentations, and PDF files, cumulatively totaling about 1.4 terabytes in size.
In late January, Tata Technologies informed Indian stock exchanges about a ransomware attack that affected “a few of” the company’s IT assets. At the time, Tata said its client services “remained fully functional and unaffected throughout.”
It is unclear whether the data uploaded by the Hunters International ransomware group is related to the ransomware attack that Tata Technologies disclosed earlier this year. When reached multiple times by TechCrunch, representatives for Tata have not yet provided comment.
Founded in 1989 as an automotive unit of Tata Motors, Tata Technologies spun off as a separate company in 1994 and has been operating as a subsidiary of the Indian conglomerate Tata Group since.
Tata Technologies provides product engineering and research and development services to automotive, aerospace equipment makers, and engineering companies across 27 countries. The company has 20 delivery centers and over 12,500 employees, per its website.
Surfacing in late 2023, Hunters International is relatively a new ransomware-as-a-service group, which leases out its infrastructure to affiliate hackers who carry out ransomware attacks, and Hunters International takes a cut of the proceeds from ransom payments.
Hunters International also appears to have some links with the Hive ransomware gang, which law enforcement agencies largely disrupted in 2023. The Hive gang leaked some of the data stolen by another Tata Group company, Tata Power, in 2022.
