BT Confirms Cyberattack Attempt Amid Black Basta Claims

December 5, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

British telecommunications giant BT Group has confirmed an attempted cyberattack on its conferencing platform after the Black Basta ransomware group claimed to have compromised the company’s data. The attack, which surfaced on the gang’s darknet leak site, reportedly involved sensitive corporate files, including employee personal information and non-disclosure agreements.

BT, which employs over 100,000 people globally and reported revenues exceeding £20 billion in 2023, assured that the incident was swiftly contained. A company spokesperson emphasized, “The affected servers were taken offline and isolated, ensuring no impact on live BT Conferencing services or broader operations.”

A Limited Breach with Swift Containment

BT, a major player in Britain’s telecom infrastructure, operates most of the nation’s telephone exchanges. Despite its critical role, the company stressed that the breach was confined to a specific portion of its conferencing platform and did not affect customer or core telecom services.

The firm is actively investigating the incident and working with law enforcement and regulatory authorities to assess the scope of the breach. “Our focus remains on ensuring the security of our systems and the integrity of our services,” BT stated.

Black Basta: A Persistent Threat

The Black Basta ransomware group, which emerged in 2022, has been notorious for targeting critical industries, including healthcare and infrastructure. The gang’s leak site displayed files allegedly obtained from BT, including sensitive corporate data, heightening concerns about the potential fallout from the breach.

U.S. authorities have previously warned about Black Basta’s activities, urging companies to bolster defenses against ransomware threats. BT’s swift response highlights the growing challenge businesses face in securing complex digital ecosystems.