The telecommunications giant BT Group, one of Britain’s largest companies, confirmed on Wednesday “an attempt to compromise” its conferencing platform after the Black Basta ransomware group claimed on its darknet leak site to have obtained the company’s corporate data.
A spokesperson for the company, which is listed on the London Stock Exchange, stressed the “incident was restricted to specific elements of the platform, which were rapidly taken offline and isolated.”
BT employs around 100,000 people globally and recorded revenues of over £20 billion (about $25.4 billion) in 2023. The privatised successor organisation to a former state monopoly, the company is responsible for a significant amount of Britain’s telephone infrastructure and operates the vast majority of its telephone exchanges, although there is no indication these have been impacted.
“The impacted servers do not support live BT Conferencing services, which remain fully operational, and no other BT Group or customer services have been affected,” a spokesperson told Recorded Future News.
“We’re continuing to actively investigate all aspects of this incident, and we’re working with the relevant regulatory and law enforcement bodies as part of our response,” they added.
The Black Basta ransomware group emerged in 2022 and has previously prompted warnings from U.S. authorities after a spate of attacks against the healthcare industry and a dozen critical infrastructure sectors.
Files shared on Black Basta’s leak site as evidence of the compromise of BT purport to show personal information relating to employees. The criminals also claimed to be in possession of non-disclosure agreements and other potentially sensitive corporate data.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Alexander Martin
is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.