Security News > 2022 > December > Colombian energy supplier EPM hit by BlackCat ransomware attack
Colombian energy company Empresas Públicas de Medellín suffered a BlackCat/ALPHV ransomware attack on Monday, disrupting the company's operations and taking down online services.
The Prosecutor's Office later confirmed to EL COLOMBIANO that ransomware was behind the attack on EPM that caused devices to be encrypted and data to be stolen.
BleepingComputer has since learned that the BlackCat ransomware operation, aka ALPHV, was behind the attacks, claiming to have stolen corporate data during the attacks.
BleepingComputer has also seen the encryptor sample and ransom notes from the EPM attack and has confirmed that they are from the BlackCat ransomware operation.
While the ransom note created in the attack states that the threat actors stole a wide variety of data, it should be noted that this is the exact text used in all BlackCat ransom notes and is not specific to EPM. However, further discoveries indicate that hackers likely stole quite a bit of data from EPM during the attack.
This is not the first time a ransomware attack has targeted a Colombian energy company.
News URL
Related news
- How can the energy sector bolster its resilience to ransomware attacks? (source)
- BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks (source)
- JetBrains is still mad at Rapid7 for the ransomware attacks on its customers (source)
- Stanford: Data of 27,000 people stolen in September ransomware attack (source)
- Nissan confirms ransomware attack exposed data of 100,000 people (source)
- TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks (source)
- What the Latest Ransomware Attacks Teach About Defending Networks (source)
- Lessons from a Ransomware Attack against the British Library (source)
- Jackson County in state of emergency after ransomware attack (source)
- Panera Bread week-long IT outage caused by ransomware attack (source)