Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
BT Group, formerly known as British Telecom, has confirmed the claims of the Black Basta ransomware gang, which allegedly breached its network.
The telco giant, which is the largest in the UK and provides telecommunications, network, security and infrastructure in over 180 countries, informed media that it had disabled some of its systems after it detected threat actors.
“We identified an attempt to compromise our BT Conferencing platform. This incident was restricted to specific elements of the platform, which were rapidly taken offline and isolated,” the company told multiple media sources.
“The impacted servers do not support live BT Conferencing services, which remain fully operational, and no other BT Group or customer services have been affected.”
“We’re continuing to actively investigate all aspects of this incident, and we’re working with the relevant regulatory and law enforcement bodies as part of our response.”
The company’s statement follows the Black Basta ransomware gang’s claims that it had breached BT Group’s systems and exfiltrated roughly 500 gigabytes of data.
According to the listing, the group exfiltrated financial data, organisation data, user data and personal documents, confidential documents and NDAs, and more.
Within the listing, the threat group posted a screenshot of a file tree, which included file names such as “data operations” and “development”, as well as a number pertaining to specific individuals.
It also posted passport and licence scans of several individuals, as well as UK visa documents and contracts.
Black Basta only recently took responsibility for a breach on ZircoDATA, in which data belonging to the Department of Home Affairs was compromised.
Home Affairs said that users of its Free Translating Service (FTS), which is run by The Migration Translators (TMT), a subsidiary of ZircoDATA, have had their data exposed.
Data compromised potentially includes users’ full names, dates of birth, mobile numbers, email addresses, visa details, including application numbers, visa grant numbers, delivery dates, subclass numbers, driver’s licence data and passport information.
The Black Basta ransomware gang posted the data online in March, during which time ZircoDATA began its response and investigation into the incident, informing the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC).
In July 2024, ZircoDATA notified Home Affairs of the breach and that its data may have been compromised.
While Home Affairs confirmed its own systems were unaffected, it discovered that data stored by ZircoDATA had been accessed by cyber criminals.
Be the first to hear the latest developments in the cyber industry.
