Ransomware group claims breach Atos database

French technology company Atos SE has disclosed a potential cybersecurity incident following claims made by the ransomware group known as Space Bears. On December 28, 2024, the hackers claimed to have compromised an Atos database, though the company states that their initial investigation has found no evidence of compromise.

Atos, which specializes in digital transformation, cybersecurity, cloud services, and high-performance computing says that their preliminary analysis indicates no signs of compromise or ransomware infection across any Atos/Eviden systems in any country. The company reports that no ransom demands have been received as of the announcement date.

The type and scope of potentially exposed data have not been disclosed. No information about affected individuals or systems.

Atos has emphasized that they are treating these allegations with utmost seriousness. Their cybersecurity team is currently conducting an active investigation into the situation, and they have committed to providing updates if there is new information.

Update - as of 1st of January 2025, Atos has denied claims by Space Bears ransomware group about a successful breach, stating that initial investigations found no evidence of infiltration into either its systems or those of its Eviden subsidiary. Atos clarified that the breached third-party infrastructure containing Atos-related data was not connected to or managed by Atos systems.

Following the January 7, 2025 payment deadline set by Space Bears, evidence has emerged suggesting a ransom payment was made, as indicated by a "sold" badge appearing on the group's darknet post. While Atos maintains that neither source code nor proprietary company data was compromised, the ongoing developments and apparent ransom payment raise questions about the full scope and impact of this incident.