Multinational telecommunications big BT Group (previously British Telecom) has confirmed that its BT Conferencing enterprise division shut down a few of its servers following a Black Basta ransomware breach.
BT Group is the UK’s main mounted and cell telecom supplier. It additionally gives managed telecommunications, safety, and community and IT infrastructure companies to clients in 180 international locations.
An organization spokesperson informed BleepingComputer that the safety incident did not influence BT Group’s operations or BT Conferencing companies, so it’s unclear if any methods had been encrypted or solely knowledge stolen.
“We recognized an try to compromise our BT Conferencing platform. This incident was restricted to particular components of the platform, which had been quickly taken offline and remoted,” BleepingComputer was informed.
“The impacted servers don’t help dwell BT Conferencing companies, which stay totally operational, and no different BT Group or buyer companies have been affected.”
Whereas BT stated there was solely an try to compromise their platform, in addition they stated they took impacted servers offline.
This comes after the Black Basta ransomware gang claimed they breached the corporate’s servers and allegedly stole 500GB of knowledge, together with monetary and organizational knowledge, “customers knowledge and private docs,” NDA paperwork, confidential info, and extra.
The cybercrime group additionally revealed folder listings and a number of screenshots of paperwork requested by the corporate throughout the hiring course of as proof of their claims.
The ransomware gang additionally added a countdown to their darkish net leak web site, saying the allegedly stolen knowledge can be leaked subsequent week.
With the risk actors now claiming to have stolen tons of of GBs of paperwork from BT Conferencing servers, it seems to be like this was a critical breach fairly than simply an try.
“We’re persevering with to actively examine all facets of this incident, and we’re working with the related regulatory and legislation enforcement our bodies as a part of our response,” the BT Group spokesperson added.
The Black Basta Ransomware-as-a-Service (RaaS) operation surfaced in April 2022 and has claimed many high-profile victims worldwide, together with healthcare firms and authorities contractors.
A few of its most notable victims embody U.S. healthcare big Ascension, U.Ok. tech outsourcing agency Capita, German protection contractor Rheinmetall, authorities contractor ABB, Hyundai’s European division, the Toronto Public Library, the American Dental Affiliation, and Yellow Pages Canada.
CISA and the FBI stated in Could that Black Basta associates have breached over 500 organizations, gathering at the least $100 million in ransom funds from over 90 victims till November 2023.