The Bell Canada subsidiary Bell Technical Solutions (BTS) is the latest victim of the Hive ransomware gang, according to the BleepingComputer.
According to a new entry in its data leak blog, Hive ransomware gang claimed that it was responsible for the attack that happened on August 20, 2022. However, Bell Canada didn't issue a statement when the breach of its network happened, as per the Bleeping Computer.
Hive Ransomware Gang Access Company's Employees Files
Hive ransomware group has accessed a number of personal information of the Canadian telecommunications company's employees, according to Mobile Syrup.
BTS specializes in installing Bell services for residential and small business customers. The company has more than 4,500 employees.
As per Mobile Syrup, the attack was able to access information of the employees, including "files related to finances, recruitment, birthdays, and COVID-19 information, along with other data."
As of this writing, BTS' website, bellsolutionstech.ca, is offline. But after the incident, Bell Canada posted a cybersecurity alert on its own website.
"We became aware that some operational company and employee information was accessed in a recent cybersecurity incident targeted at Bell Technical Solutions," Bell Canada said in a statement.
According to the company, the threat actors gained access to information of residential and small business customers, including the name, address and phone number. These are from customers in Ontario and Québec who booked a technician visit.
Moreover, necessary steps were already taken by the company to contain the situation.
Likewise, Bell Technical Solutions assures that the hackers did not access the database that contains customer information such as credit and debit card numbers, banking, or other financial data.
Read Also: Conti Ransomware Has Shut Down Sites Used for Data Leaks, Negotiations with Victims
Investigation in Bell Canada Breach is Ongoing
Hive ransomware gang has been actively operating since June 2021. Dozens of organizations have been victims of the attacks.
The group leaked their victims' data online when the victims refused to pay the ransom.
In May 2022, another company, Romania's Rompetrol gas station, became a victim of Hive ransomware gang, and threat actors asked for a multi-million ransom, as per a separate report of the BleepingComputer.
Because of the "complex cyberattack" in May, Rompetrol had to shut down its websites. The company also halted the operation of the Fill&Go service at gas stations.
Meanwhile, in November 2021, electronics retail giant MediaMarkt also became a victim of a Hive ransomware attack, according to another report by the BleepingComputer. The threat actors demanded an initial ransom of $240 million.
According to the Federal Bureau of Investigation (FBI), Hive ransomware gang uses double extortion to force their victims to pay the ransom. They would steal valuable files before encryption. Then, they would threaten them with data leaks to force them to pay.
The investigation regarding the Hive ransomware attack at Bell Canada is currently ongoing. Because of this, Bell Senior Communications Manager Jacqueline Michelis cannot provide more details about the incident.
According to BTS, they had already notified the Office of the Privacy Commissioner regarding the breach in their company.
Meanwhile, customers are warned of being possibly targeted by phishing attacks following this incident.