Ransomware

Energy company EDP confirms cyberattack

0

EDP Renewables North America (EDPR NA) has revealed a cyberattack which was due to a ransomware that affected the systems of parent company Energias de Portugal (EDP), possibly leading to information exposure.

The energy company sent letters to their customers apologizing for the incident but insisted that there is “no evidence” of any consumer information being compromised or stolen.

The company that operates in 19 countries provides energy to more than 11 million customers.

EDP suffered a ransomware attack on April 13 and EDPR NA became aware of the ransomware infection from its parent company on May 8.

According to the letter sent by the company, the attackers attained unauthorized access to at least some information stored on the company’s own information systems. Since then, EDPR NA has worked diligently and on an expedited basis to identify the individuals potentially affected by this incident.

EDPR NA stated that the customers must be aware of the incident as they save the customer names and Social Security numbers, even though payment card information was not included in the potential data breach.

The company is offering customers a year of free Experian identity protection, a standard offering due to how common data breaches have become.

It is found that the ransomware that had infected appears to be Ragnar Locker whose operators usually target corporate entities rather than the general public.

Recently, security researchers explained about an interesting technique used by the threat actors to deploy Ragnar Locker, where the virtual machines (VMs) are used to load the malware in order to bypass existing security software.

Here, the ransomware note demanded 1580 Bitcoin (BTC), which comes to around $10 million. The attackers informed EDP that more than 10TB of information had been taken from impacted systems, and they were willing to decrypt some files for free.

In case, the company refuse to make the ransom payment, the attackers threatened to publish the data or sell sensitive and confidential information about the customer’s transactions, billing, contracts, clients, and partners.

Image Credits : Yahoo

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News

    How Will The World Look Like In 2025 And The Future Of Cybersecurity

    Previous article

    Microsoft seizes domains used in COVID-19-related cybercrime

    Next article

    You may also like

    More in Ransomware

    Comments

    Leave a reply

    Your email address will not be published. Required fields are marked *