French technology giant Atos has refuted claims by the ransomware group Space Bears that its systems were compromised, asserting that no evidence of a breach or ransom demand has been found. In a statement released on December 28, Atos clarified the results of its investigation, addressing concerns raised by the allegations.
“At this stage, the initial analysis shows no evidence of any compromise or ransomware affecting any Atos/Eviden systems in any country, and no ransom demand has been received to date,” the company stated.
Investigation and Clarifications
Although no compromise has been confirmed, Atos has deployed a dedicated cybersecurity team to thoroughly investigate the matter. The claims originated from Space Bears, a ransomware group with ties to Phobos Ransomware as a Service (RaaS). The group alleged that it had breached Atos' internal database and accessed sensitive data.
Atos clarified that the breach targeted “external third-party infrastructure, unconnected to Atos,” which “contained data mentioning the Atos company name but is not managed nor secured by Atos.”
The company emphasized its robust security operations, highlighting its global network of over 6,500 specialized cybersecurity experts and 17 next-generation security operations centers (SOCs) that operate around the clock to protect Atos and its customers.
“Atos has a global network of more than 6,500 specialized experts and 17 new-generation security operations centers (SOCs) operating 24/7 to ensure the security of the Group and its customers,” the statement emphasized.
Space Bears: A Rising Ransomware Threat
Space Bears, which emerged in April 2024, has gained notoriety for its sophisticated and aggressive extortion tactics. The group employs double extortion methods, encrypting victims’ data while threatening to release it publicly unless demands are met. Space Bears operates data leak sites on both the dark web and clearnet, leveraging tactics such as corporate imagery and “walls of shame” to maximize reputational damage.
The ransomware group has previously targeted organizations like Canadian software firm Haylem, orthophonics clinic Un Museau Vaut Mille Mots, and Lexibar, a language disorder provider. More recently, Space Bears claimed responsibility for attacks on Canada’s JRT Automatisation and India’s Aptus in December 2024.
While Atos maintains that no proprietary data, source code, or intellectual property was accessed, the company acknowledged the gravity of the situation. “We take such threats very seriously,” Atos affirmed.
This incident underscores the ever-evolving cyber threat landscape faced by multinational corporations and the growing sophistication of ransomware groups like Space Bears, highlighting the need for constant vigilance and robust cybersecurity measures.