French military contractor Atos denies breach claims by Space Bear ransomware gang

Atos, a French tech giant that secures communications for the nation's military and secret services, has denied claims by the Space Bears ransomware group that it was the victim of a cyberattack. The company stated on December 29 that its initial analysis showed "no evidence of any compromise or ransomware affecting any Atos/Eviden systems in any country."

The Allegations

The Space Bears ransomware gang, a relatively new cybercrime operation that emerged in April 2024, claimed on December 28 that it had breached Atos' network and stolen sensitive company data. The group, known for its double extortion tactics, announced plans to publish the alleged database on its dark web leak site on January 3.

Space Bears has quickly gained notoriety, adding 45 victims across industries such as healthcare, aerospace, and telecommunications to its leak blog since its inception. The group uses stolen data as leverage to pressure victims into paying ransoms, threatening to expose the information if demands are not met.

Atos’ response

Atos, which employs approximately 82,000 people and generates annual revenue of around €10 billion, refuted the claims, emphasizing that there was no breach of its systems. A spokesperson for Atos told BleepingComputer that the ransomware group’s allegations were unfounded.

In a statement issued on Friday, Atos clarified:

"No infrastructure managed by Atos was breached, no source code accessed, and no Atos IP or Atos proprietary data exposed."

The alleged breach involved "unconnected external third-party infrastructure," which, while containing references to Atos, was neither managed nor secured by the company.

The firm further highlighted its robust cybersecurity framework, which includes a global network of over 6,500 specialists and 17 next-generation security operations centers (SOCs) operating around the clock.