Security Affairs
Ryuk Ransomware Member Pleads Guilty Over Attacks on U.S. Organizations|Progress Told ShareFile Customers to Pull the Plug on Their Servers. Here’s What We Know.|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 105|Security Affairs newsletter Round 585 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. CISA adds iCagenda and Balbooa Forms flaws to its Known Exploited Vulnerabilities catalog|Critical U-Boot Bugs Undermine Secure Boot on Millions of Devices|Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|Ryuk Ransomware Member Pleads Guilty Over Attacks on U.S. Organizations|Progress Told ShareFile Customers to Pull the Plug on Their Servers. Here’s What We Know.|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 105|Security Affairs newsletter Round 585 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. CISA adds iCagenda and Balbooa Forms flaws to its Known Exploited Vulnerabilities catalog|Critical U-Boot Bugs Undermine Secure Boot on Millions of Devices|Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

DMEA Colorado electric utility hit by a disruptive cyberattack

A ransomware attack hit an electric utility in Colorado causing a significant disruption and damage. The Delta-Montrose Electric Association (DMEA) is a local electric cooperative located in Colorado, it is part of Touchstone Energy Cooperatives. The company has discovered a security breach on November 7, the attack disrupted phone, email, billing, and customer account systems. The […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

A ransomware attack hit an electric utility in Colorado causing a significant disruption and damage.

The Delta-Montrose Electric Association (DMEA) is a local electric cooperative located in Colorado, it is part of Touchstone Energy Cooperatives.

The company has discovered a security breach on November 7, the attack disrupted phone, email, billing, and customer account systems.

The company also confirmed that internal documents have been “corrupted,” a circumstance that suggests that DMEA was hit by a ransomware attack. At the time of this writing, no ransomware gang has claimed responsibility for the security breach.

90% of internal controls and systems were corrupted by the cyber attack and most of the historical data dating back more than 20 years was compromised. DMEA retained forensic experts to investigate the scope of the incident.

“DMEA was the victim of a cyber-attack on November 7, 2021. DMEA discovered a targeted effort to access portions of our internal network system by an unauthorized third party. As a result, DMEA lost 90% of internal network functions, and a good portion of our data, such as saved documents, spreadsheets, and forms, was corrupted. It also impacted our phones and emails. Our power grid and fiber network remain unaffected by the incident.”reads the data breach notice published by the company.

According to the notice, all penalty fees and disconnections for non-payment will be suspended until January 31, 2022.

DMEA pointed out it hasn’t found evidence that sensitive data was compromised due to the security breach. In a recent update, the company declared that it estimates it will be able to resume member billing the week of December 6 – 10.

“We are highly confident no sensitive member or employee information has been compromised,” the company said.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Colorado Electric Utility)

[adrotate banner=”5″]

[adrotate banner=”13″]