BT Group’s Conferencing division has confirmed shutting down servers following a Black Basta ransomware breach. While BT claims the incident was limited and didn’t affect operations, the ransomware group states they stole 500GB of sensitive data, including:
– Financial records
– Organizational data
– User information
– NDA documents
– Confidential files
The Black Basta gang posted evidence on their dark web site, including document screenshots and folder listings, threatening to leak the data within a week. BT Group is working with law enforcement and regulatory bodies to investigate the incident.
Black Basta Background:
– Emerged in April 2022
– Compromised over 500 organizations
– Collected $100M+ in ransoms from 90+ victims
– Notable targets include Ascension, Capita, Rheinmetall, Hyundai Europe
– Uses Ransomware-as-a-Service (RaaS) model
The incident appears more severe than initially reported by BT, though the company maintains that core services remain operational and unaffected.