British telecoms giant BT confirms attempted cyberattack after ransomware gang claims hack

Avatar

The telecommunications giant BT Group, one of Britain’s largest companies, confirmed on Wednesday “an attempt to compromise” its conferencing platform after the Black Basta ransomware group claimed on its darknet leak site to have obtained the company’s corporate data.

A spokesperson for the company, which is listed on the London Stock Exchange, stressed the “incident was restricted to specific elements of the platform, which were rapidly taken offline and isolated.” 

BT employs around 100,000 people globally and recorded revenues of over £20 billion (about $25.4 billion) in 2023. The privatised successor organisation to a former state monopoly, the company is responsible for a significant amount of Britain’s telephone infrastructure and operates the vast majority of its telephone exchanges, although there is no indication these have been impacted.

“The impacted servers do not support live BT Conferencing services, which remain fully operational, and no other BT Group or customer services have been affected,” a spokesperson told Recorded Future News.

“We’re continuing to actively investigate all aspects of this incident, and we’re working with the relevant regulatory and law enforcement bodies as part of our response,” they added.

The Black Basta ransomware group emerged in 2022 and has previously prompted warnings from U.S. authorities after a spate of attacks against the healthcare industry and a dozen critical infrastructure sectors.

Files shared on Black Basta’s leak site as evidence of the compromise of BT purport to show personal information relating to employees. The criminals also claimed to be in possession of non-disclosure agreements and other potentially sensitive corporate data.

NewsNews BriefsCybercrime
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Alexander Martin

is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.

 

Total
0
Shares
Previous Post

Germany arrests suspected admin of country’s largest criminal marketplace

Next Post

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Related Posts

TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns

New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device's unlock pattern or PIN. "This new addition enables the threat actor to operate on the device even while it is locked," Zimperium security researcher Aazim Yaswant said in an analysis published last week. First spotted in the wild in 2019, TrickMo is so named for
Avatar
Read More