French telecoms giant Altice may have been the victim of a ransomware attack by the Hive gang, documents posted on the dark web suggest.
Altice – France’s second largest telco – was hit by the gang earlier this month, according to information scraped from the dark web by the RedPacket Security website and disclosed yesterday.
What happened in the Altice cyberattack?
It is not clear how much data or what type of data was stolen in the attack, which is thought to have taken place on August 9. But according to RedPacket, a data download from Altice is available on the dark web and can be downloaded through the Tor browser.
Altice has not publicly disclosed a cyberattack this month. The company, which is owned by billionaire Patrick Drahi, has millions of customers, mainly based in Europe. It is also the single biggest shareholder in BT, owning an 18% stake. This week the UK government announced it had investigated Altice and Drahi’s interest in BT but had decided it does not constitute a national security risk. It is therefore not taking any action against the company at this time.
Tech Monitor has contacted Altice for comment on the reported ransomware attack.
Ransomware gang is a Hive of activity
Hive was first spotted operating in the wild in June last year, and in 2021 the gang is said to have attacked more than 350 companies, mainly in the health and financial sectors, says a report by security company Group-IB.
Thought to emanate from Russia, it has been ramping up its operation in 2022, particularly targeting healthcare organisations. In May, the group was named by the US Department of Health and Human Services as one of the top five criminal gangs that attacked healthcare services in Q1 2022, with Hive taking credit for 11% of attacks this year.
Earlier this month, Hive demanded £500,000 from two UK colleges after an attack on their systems, and the group’s targeting of public sector organisations, particularly those involved in healthcare, led to cybersecurity researchers releasing a free decryption key for its ransomware to try and help victims. However, the gang has switched to using the Rust programming language to make its malware harder to decrypt and more easily deployable across multiple operating systems.