BT conferencing system hacked by Black Basta Ransomware
British telecommunications giant BT Group has been hit by a ransomware attack carried out by the infamous Black Basta gang. The incident targeted the company’s Conferencing business division, prompting BT to temporarily take some servers offline as a precautionary step.
The attackers listed BT’s domains, btci.com and btconferencing.com, on their data leak site, warning that they would publish the stolen data—which includes financial, corporate, and personal information like passport copies—if their ransom demands are not met. The specific ransom amount has not been revealed.
BT Group has confirmed that it is actively investigating the incident and working closely with relevant authorities. The company assured that the attack was limited to specific parts of the Conferencing platform, with its core services remaining unaffected.
“We detected an attempt to compromise our BT Conferencing platform. The issue was contained to certain elements of the platform, which were quickly taken offline and isolated,” a BT Group spokesperson explained. We are thoroughly investigating all aspects of this incident and are collaborating with regulatory and law enforcement bodies as part of our response,” the spokesperson added.
The group alleges that it has obtained 500GB of sensitive data in the attack, including financial records, organizational details, “user and personal documents,” NDAs, and other confidential information. To back up these claims, the attackers shared screenshots of documents, folder listings, and additional materials. They have also threatened to leak the files soon if the company fails to meet their ransom demands.
I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.