Colorado's DMEA loses billing capability after cyber attack • The Register
Utility biz Delta-Montrose Electric Association loses billing capability and two decades of records after cyber attack
All together now - R, A, N, S, O...
Gareth Corfield Fri 3 Dec 2021 // 22:06 UTC
24 comment bubble on white
A US utility company based in Colorado was hit by a ransomware attack in November that wiped out two decades' worth of records and knocked out billing systems that won't be restored until next week at the earliest.
The attack was detailed by the Delta-Montrose Electric Association (DMEA) in a post on its website explaining that current customers won't be penalised for being unable to pay their bills because of the incident.
"We are a victim of a malicious cyber security attack. In the middle of an investigation, that is as far as I’m willing to go," DMEA chief exec Alyssa Clemsen Roberts told a public board meeting, as reported by a local paper.
She is said to have confirmed that the co-operative's billing systems were also taken down by the attackers, telling a local TV station: "And we lost the majority of our historical data for the last 20-25 years. Since then we have been slowly rebuilding our network."
Billing systems are reportedly not going to be re-established until next week, almost a month after the attack.
Other local newspapers first reported the attack on 16 November, more than a week after it hit on 7 November.
"DMEA discovered a targeted effort to access portions of our internal network system by an unauthorized third party," said the company statement on its website. "As a result, DMEA lost 90 per cent of internal network functions, and a good portion of our data, such as saved documents, spreadsheets, and forms, was corrupted. It also impacted our phones and emails."
Visiting a booby-trapped webpage could give attackers code execution privileges on HP network printers
Lloyd's of London suggests insurers should not cover 'retaliatory cyber operations' between nation states
Wind turbine maker Vestas confirms recent security incident was ransomware
Locked up: UK's Labour Party data 'rendered inaccessible' on third-party systems after cyber attack
Good Grief! Ransomware gang has only gone and pwned the NRA – or so it claims
"We have completed the first few weeks of the investigation," it added, "and are highly confident no sensitive member or employee information was compromised.
Reassuringly, it added: "Our power grid and fiber network remain unaffected by the incident."
Although the company doesn't mention the word "ransomware", that particular strean of badness has a devastating impact on victims. As is typical in ransomware cleanups, DMEA said it is working with "forensic and cybersecurity experts to investigate the scope of the incident". ®
All together now - R, A, N, S, O...
Gareth Corfield Fri 3 Dec 2021 // 22:06 UTC
24 comment bubble on white
A US utility company based in Colorado was hit by a ransomware attack in November that wiped out two decades' worth of records and knocked out billing systems that won't be restored until next week at the earliest.
The attack was detailed by the Delta-Montrose Electric Association (DMEA) in a post on its website explaining that current customers won't be penalised for being unable to pay their bills because of the incident.
"We are a victim of a malicious cyber security attack. In the middle of an investigation, that is as far as I’m willing to go," DMEA chief exec Alyssa Clemsen Roberts told a public board meeting, as reported by a local paper.
She is said to have confirmed that the co-operative's billing systems were also taken down by the attackers, telling a local TV station: "And we lost the majority of our historical data for the last 20-25 years. Since then we have been slowly rebuilding our network."
Billing systems are reportedly not going to be re-established until next week, almost a month after the attack.
Other local newspapers first reported the attack on 16 November, more than a week after it hit on 7 November.
"DMEA discovered a targeted effort to access portions of our internal network system by an unauthorized third party," said the company statement on its website. "As a result, DMEA lost 90 per cent of internal network functions, and a good portion of our data, such as saved documents, spreadsheets, and forms, was corrupted. It also impacted our phones and emails."
Visiting a booby-trapped webpage could give attackers code execution privileges on HP network printers
Lloyd's of London suggests insurers should not cover 'retaliatory cyber operations' between nation states
Wind turbine maker Vestas confirms recent security incident was ransomware
Locked up: UK's Labour Party data 'rendered inaccessible' on third-party systems after cyber attack
Good Grief! Ransomware gang has only gone and pwned the NRA – or so it claims
"We have completed the first few weeks of the investigation," it added, "and are highly confident no sensitive member or employee information was compromised.
Reassuringly, it added: "Our power grid and fiber network remain unaffected by the incident."
Although the company doesn't mention the word "ransomware", that particular strean of badness has a devastating impact on victims. As is typical in ransomware cleanups, DMEA said it is working with "forensic and cybersecurity experts to investigate the scope of the incident". ®
