Indian multinational tech giant Tata Technologies, a subsidiary of Tata Motors, is in the spotlight following allegations by ransomware group Hunters International of a major data breach.
According to Huntress Group, the claim resulted in the theft of 1.4 TB of sensitive data, potentially exposing critical information from high-profile clients such as Ford, McLaren, Honda, and Airbus.
The claimed breach follows a ransomware incident, which Tata Technologies announced on January 31, 2025.
While the company stated that its client delivery services remained unaffected and IT systems were restored, it did not disclose whether any ransom was demanded or paid.
Huntress Group Claim
Hunters International, known for operating under a Ransomware-as-a-Service (RaaS) model, claims responsibility for the attack and has reportedly leaked stolen data on its extortion portal.
The leaked files may include engineering schematics, financial records, and other proprietary information.
Hunters International emerged in October 2023 and is infamous for leveraging advanced techniques to infiltrate corporate networks.
Their modus operandi often involves exploiting vulnerabilities such as CVE-2020-14644 in Oracle WebLogic servers, deploying malware for lateral movement, and exfiltrating data to cloud platforms like MEGA.
The group also uses encryption algorithms combining AES and RSA ciphers to ensure victims face both data loss and public exposure if ransoms are not paid.
Tata Technologies plays a crucial role in automotive design, aerospace engineering, and R&D projects globally.
With annual revenue of $600 million and operations across 18 locations worldwide, the firm’s reputation as a key contractor for state projects and industry leaders is at stake.
The alleged theft of high-value intellectual property could severely impact its technological portfolio and client trust.
However, it remains unclear whether Hunters International’s claims are verified or whether additional data has been compromised.
This incident underscores the growing threat posed by ransomware attacks targeting critical industries like manufacturing and engineering.
India has seen a sharp rise in ransomware incidents, with attacks increasing by 45% year-over-year in 2024. The manufacturing sector alone accounted for nearly 29% of these breaches.
Cybersecurity experts warn that such attacks can lead to irreversible reputational damage and financial losses if robust defenses are not implemented.
As Tata Technologies navigates this crisis, the incident serves as a stark reminder for organizations worldwide to strengthen their cybersecurity frameworks.
The rise of sophisticated ransomware groups like Hunters International highlights the urgent need for proactive measures to safeguard sensitive data against evolving threats.
Are you from SOC/DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.