Bell Technical Solutions (BTS), a subsidiary of national telecommunications operator Bell, was the victim of a ransomware attack that accessed certain customer data, in addition to “operational information” and “employee information”. ” – reports beeping computer.
BTS has over 4,500 employees and is primarily focused on installing Bell services for residential and small business customers in Ontario and Quebec. The attack was orchestrated by the infamous group Hive on August 20, but BTS or its parent company did not disclose.
Hive, a Ransomware-as-a-Service (RaaS) operation active since June 2021, went public with the BTS attack on its data leak blog on Thursday, September 15. The group is responsible for attacks on dozens of organizations, and that only if you count the victims who refused to pay the ransom and whose data consequently leaked online.
Hive claimed to have encrypted BTS’s systems last month. BTS’s website is currently inaccessible and parent company Bell previously issued a cybersecurity alert on its own website.
“We have learned that certain operational company and employee information was accessed during a recent cybersecurity incident involving Bell Technical Solutions,” the company said.
“The unauthorized party accessed information that may include the name, address and telephone number of residential and small business customers in Ontario and Quebec who booked a technician visit.”
Although the perpetrators were able to get away with some personal information belonging to BTS customers, Bell said the customers’ financial information was not affected.
“Bell Technical Solutions has taken immediate action to secure the affected systems and we want to assure you that no databases containing customer information such as credit and debit card numbers, bank details or other financial data was not consulted during the incident.”
Hive, like many other ransomware gangs, often uses double extortion. This means that the group’s operators usually steal any files they consider valuable before encrypting their target’s systems to force them to pay the ransom under the threat of data leakage.
BTS warned customers of the possibility of being the target of phishing attacks following the breach. The Bell subsidiary also advised customers to monitor their accounts for suspicious activity.
“We will directly notify anyone whose private information may have been accessed. Bell Technical Solutions operates independently of Bell on a separate computer system; other Bell customers or other Bell subsidiaries were not affected,” the company added.
“We are continuing to investigate and are working with third-party cybersecurity experts on the matter, as well as implementing solutions to further improve the security of our systems.”
BTS installs services such as telephone, Internet and cable for residential and commercial customers in Ontario and Quebec.
Bell and its subsidiaries are no strangers to hacks. In 2017, Bell itself was hacked and a wealth of customer information was stolen from the telecom operator. At the time, some cybersecurity experts called Bell’s (and Rogers’) networks “easy to hack.”