Bell offices

The Hive ransomware gang has claimed responsibility for an attack that affected the systems of Bell Technical Solutions (BTS), a subsidiary of Bell Canada.

BTS is an independent subsidiary with more than 4,500 employees, specializing in the installation of Bell services for residential and small business customers in the provinces of Ontario and Quebec.

Although the Canadian telecommunications company has not revealed when its network was hacked or when the attack occurred, Hive claims in a new entry added to its data leak blog that it encrypted the systems. from BTS almost a month ago on August 20, 2022.

The company’s website, usually accessible at bellsolutionstech.cais currently inaccessible, which is why BTS has posted a cybersecurity alert on Bell’s official website.

“The unauthorized party accessed information that may include the name, address and phone number of residential and small business customers in Ontario and Quebec who booked a technician visit,” BTS said.

“Bell Technical Solutions has taken immediate action to secure the affected systems and we want to assure you that no databases containing customer information such as credit and debit card numbers, bank details or other financial data was not consulted during the incident.”

Bell Technical Solutions leak page
Bell Technical Solutions Leak Page (BleepingComputer)

BTS is currently investigating the incident with the assistance of the Royal Canadian Mounted Police Cybercrime Unit and has notified the Office of the Privacy Commissioner of the breach.

The Bell subsidiary warned customers of the possibility of being the target of phishing attacks following this incident and advised them to monitor their accounts for any suspicious activity.

“We will directly notify anyone whose private information may have been accessed. Bell Technical Solutions operates independently of Bell on a separate computer system; other Bell customers or other Bell subsidiaries have not been affected,” added the society.

“We are continuing to investigate and are working with third-party cybersecurity experts on the matter, as well as implementing solutions to further improve the security of our systems.”

Hive is a Ransomware-as-a-Service (RaaS) operation active since June 2021 behind attacks on dozens of organizations, counting only the victims whose data leaked online after they refused to pay the ransom,

The Federal Bureau of Investigation (FBI) released certain indicators of compromise and technical details associated with Hive ransomware attacks in August 2021.

Like many other ransomware gangs that use double extortion, the FBI said Hive operators will also steal any files they deem valuable before encryption to pressure their victim into paying the ransom under the threat of data leakage.

Bell Technical Solutions did not respond to a request for comment when contacted by BleepingComputer earlier today.


Source link