Security News > 2022 > December > Colombian energy supplier EPM hit by BlackCat ransomware attack
Colombian energy company Empresas Públicas de Medellín suffered a BlackCat/ALPHV ransomware attack on Monday, disrupting the company's operations and taking down online services.
The Prosecutor's Office later confirmed to EL COLOMBIANO that ransomware was behind the attack on EPM that caused devices to be encrypted and data to be stolen.
BleepingComputer has since learned that the BlackCat ransomware operation, aka ALPHV, was behind the attacks, claiming to have stolen corporate data during the attacks.
BleepingComputer has also seen the encryptor sample and ransom notes from the EPM attack and has confirmed that they are from the BlackCat ransomware operation.
While the ransom note created in the attack states that the threat actors stole a wide variety of data, it should be noted that this is the exact text used in all BlackCat ransom notes and is not specific to EPM. However, further discoveries indicate that hackers likely stole quite a bit of data from EPM during the attack.
This is not the first time a ransomware attack has targeted a Colombian energy company.
News URL
Related news
- Romanian energy supplier Electrica hit by ransomware attack (source)
- Ransomware attack hits leading heart surgery device maker (source)
- US sanctions Chinese firm for hacking firewalls in ransomware attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- Lynx ransomware behind Electrica energy supplier cyberattack (source)
- US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack (source)
- Starbucks, Supermarkets Targeted in Ransomware Attack (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- Clop ransomware claims responsibility for Cleo data theft attacks (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)