Tata Power Company Limited, India's largest integrated power company, on Friday confirmed it was targeted by a cyberattack.
The intrusion on IT infrastructure impacted "some of its IT systems," the company said in a filing with the National Stock Exchange (NSE) of India.
It further said it has taken steps to retrieve and restore the affected machines, adding it put in place security guardrails for customer-facing portals to prevent unauthorized access.
The Mumbai-based electric utility company, part of the Tata Group conglomerate, did not disclose any further details about the nature of the attack, or when it took place.
That said, cybersecurity firm Recorded Future in April disclosed attacks mounted by China-linked adversaries targeting Indian power grid organizations.
The network intrusions are said to have been aimed at "at least seven Indian State Load Despatch Centres (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch within these respective states."
The attacks were attributed to an emerging threat cluster Recorded Future is tracking under the name Threat Activity Group 38 (TAG-38).
Update (October 25, 2022): Hive ransomware gang starts leaking data allegedly stolen from Tata Power
#APT #China #Hive #Ransomware