Bell Technical Solutions Inc. Suffers Ransomware Attack by HiveLeak Group

Overview of the Incident

Bell Technical Solutions Inc., a subsidiary of Bell Canada, has recently fallen victim to a ransomware attack orchestrated by the HiveLeak group. Despite the attack, the company's website remains operational. Specializing in the installation of various Bell services, Bell Technical Solutions plays a crucial role in the Telecommunications sector and employs over 4,500 individuals.

The cyberattack, which took place on August 20, 2022, led to unauthorized access to operational company and employee information. This breach potentially compromised the personal details of residential and small business customers in Ontario and Québec who had scheduled a technician visit. In response, Bell Technical Solutions has taken prompt measures to secure the compromised systems and has confirmed that no databases containing sensitive customer financial information were accessed during the incident.

Response and Investigation

In the wake of the attack, Bell Technical Solutions is actively working with the Royal Canadian Mounted Police's cybercrime unit to investigate the breach. The company has also reported the incident to the Office of the Privacy Commissioner. It is important to note that Bell Technical Solutions operates on a separate IT system from Bell Canada, ensuring that other Bell customers and subsidiaries remain unaffected by this breach.

HiveLeak, the group behind this ransomware attack, is notorious for its aggressive cybercriminal activities, particularly against the U.S. healthcare sector. Employing double extortion tactics, HiveLeak steals valuable files before encrypting them, leveraging this theft to demand ransom from its victims. The group has been active since June 2021 and has been responsible for a significant number of attacks in recent times.

Implications and Precautions

Following the incident, Bell Technical Solutions has issued warnings to its customers about the potential risk of phishing attacks. The company is also in the process of notifying individuals whose private information may have been compromised. To further strengthen its cybersecurity posture, Bell Technical Solutions is collaborating with third-party cybersecurity experts.

This incident underscores the critical need for robust cybersecurity measures within the telecommunications sector, which often handles sensitive customer data. Companies must stay vigilant and invest in advanced security solutions to safeguard their systems and data against the continually evolving cyber threat landscape.

Sources

• Bell Technical Solutions Inc. - Indeed
• Bell Technical Solutions hacked by ransomware group - MobileSyrup
• Hive ransomware gang claims responsibility for cyberattack on Bell Canada - Insurance Business Magazine
• Bell Canada Notifies Customers of Cyber Incident. Hive Ransomware Crew Claims Responsibility for Attack - Bitdefender
• Canadian police investigating ransomware attack on Bell subsidiary after employee data stolen - The Record
• Hive ransomware claims cyberattack on Bell Canada subsidiary - Bleeping Computer