Indian energy company Tata Power announces cyberattack affecting IT infrastructure

Multibillion-dollar Indian energy giant Tata Power announced on Friday that it is dealing with a cyberattack impacting some of its systems.

A spokesperson for the company told The Record that the attack targeted its IT infrastructure, but added that critical systems haven't been disrupted.

“The Company has taken steps to retrieve and restore the systems,” the spokesperson said. “All critical operational systems are functioning; however, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer facing portals and touch points.”

The spokesperson declined to comment on whether it was a ransomware attack, nor did they say who may have been behind the hack, only adding that the company will provide updates at a later date.

The company – one arm of Indian conglomerate Tata Group – reported a revenue of $5.3 billion in the most recent fiscal year and runs major power plants in Gujarat, Mumbai, Jharkhand and 32 other locations across India. The company also has operations in South Africa, Indonesia, Singapore and Bhutan.

In April, AFP reported that Indian power minister R.K. Singh told the press in New Delhi that "Chinese hackers" had twice unsuccessfully targeted electricity distribution centers near Ladakh.

“We are always prepared. We have a very robust security system. We are always alert,” he added

The statements coincided with a report published by Recorded Future detailing how a likely Chinese state-sponsored threat activity group conducted “likely network intrusions targeting at least 7 Indian State Load Despatch Centres (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch” near the disputed India-China border in Ladakh. 

Recorded Future — which owns The Record — previously notified the Indian government of intrusion activity targeting 10 power sector organizations in India in February 2021 by a “likely Chinese state-sponsored threat activity group we track as RedEcho.”

At the time, China’s Foreign Ministry spokesperson Zhao Lijian denied that the country’s military was behind the intrusions. 

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles

Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.