Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

IT Giant Atos Responds to Ransomware Group’s Data Theft Claims

IT services giant Atos has responded to the data breach claims made by a ransomware group named Space Bears.

Atos ransomware

French IT services giant Atos said its systems have not been compromised after a ransomware group claimed to have stolen data belonging to the company.

A cybercrime group named Space Bears listed Atos on its Tor-based leak website last week, claiming to have obtained a “company database”. 

Shortly after, Atos issued a statement saying that it had been investigating the data breach claims, but its initial analysis had shown “no evidence of any compromise or ransomware affecting any Atos/Eviden systems in any country, and no ransom demand has been received to-date”.

In an updated statement issued on Friday, Atos said the ransomware group’s allegations are “unfounded”, but it did confirm that the cybercriminals may have obtained some data pertaining to the company.

“No infrastructure managed by Atos was breached, no source code accessed, and no Atos IP or Atos proprietary data exposed,” Atos said.

It added, “Atos understands that external third-party infrastructure, unconnected to Atos, has been compromised by the group Space Bears. This infrastructure contained data mentioning the Atos company name, but is not managed nor secured by Atos.”

The exact origin of the data obtained by Space Bears remains unclear, but Atos told SecurityWeek that the data mentioning Atos is either public information or technical data containing no sensitive information.

Based on its website, the Space Bears group has been around since at least the spring of 2024. Its site currently lists over 40 victims. The hackers are threatening to leak the stolen Atos data in less than two days. 

Advertisement. Scroll to continue reading.

This is not the first time Atos has been mentioned on a ransomware group’s website. The notorious gang BlackBasta listed Atos on its leak site in July 2024, claiming to have stolen 710 Gb of data, including personal information and confidential corporate files. Atos does not appear to have addressed those claims. 

In 2023, Atos confirmed that the Cl0p ransomware group stole some data from a backup folder associated with a company it had acquired after exploiting a zero-day vulnerability in GoAnywhere MFT software. The GoAnywhere campaign had hit several major organizations.

Related: New York Hospital Says Ransomware Attack Data Breach Impacts 670,000

Related: Cisco Confirms Authenticity of Data After Second Leak

Related: Rhode Islanders’ Data Was Leaked From a Cyberattack on State Health Benefits Website

Related: American Addiction Centers Data Breach Impacts 422,000 People

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

MorganFranklin Cyber has appointed Keith Hollender as CEO and member of the Board of Directors.

Lisa Banks has been named Chief Financial Officer at Abnormal Security.

Threat detection and response company Trellix has appointed Vishal Rao as its new CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.