Tata Technologies Data Breach Claimed by Hunters International Ransomware 

• The Hunters International threat actor recently claimed the Tata Technologies ransomware incident.
• The Indian tech giant said at the time that some of its IT systems were impacted, but customer operations were safe.
• Approximately 730,000 files were reportedly stolen, with the payment deadline set on March 11.

Ransomware group Hunters International has claimed responsibility for a major cyberattack on Tata Technologies, a leading engineering and IT services company. The attack allegedly resulted in the theft of 1.4TB of data spanning approximately 730,000 files.

While the Tata Motors subsidiary announced suffering a breach in January 2025 in the form of a “ransomware incident that affected a few IT assets,” the company stated that the attack had minimal impact on its operations, with client delivery services remaining unaffected.  

However, the attackers have threatened to release the stolen data publicly within one week if their ransom demands are not met. Details of the ransom demand have not been disclosed.

Hunters International, which emerged as a possible rebrand of the Hive ransomware group in late 2023, is known for its high-profile and aggressive tactics and operates as a Ransomware-as-a-Service (RaaS). 

The threat actor often employs tactics such as direct extortion of individuals alongside its corporate ransomware operations, targeting healthcare, automotive, manufacturing, logistics, financial, educational, and food sectors.

In August 2024, the U.S. Marshals Service refuted the group's assertion of a successful breach, highlighting the group's potential to exaggerate its reach. In September, the threat actor claimed to have exfiltrated over 5.2 million files from the Industrial and Commercial Bank of China (ICBC) London branch. 

The RansomHub ransomware gang published 487 gigabytes of data allegedly stolen from Kawasaki Motors’ Europe systems in 2024, as the company failed to meet the ransom demands.