Netwalker Dumped Data Stolen From K-Electric Online Upon Not Receiving The Ransom

A couple of weeks ago, Pakistan’s largest power utility K-Electric suffered a ransomware attack. Later, unofficial sources confirmed it was a Netwalker attack. Now, things have become clearer as Netwalker dumped the data stolen from K-Electric.

Netwalker Dumped Stolen K-Electric Data

According to Bleeping Computer, who further confirmed the matter from a local cybersecurity firm Rewterz, the Netwalker ransomware gang has dumped stolen K-Electric data files publicly.

K-Electric suffered a ransomware attack in September 2020, something which the firm didn’t disclose initially. Rather they simply called it a “cyber-incident”. However, sources confirmed that the KE had fallen prey to a Netwalker ransomware attack.

The attackers initially demanded $3.85 million as a ransom to be paid within 7 days, failing which would double the ransom amount.

However, it’s now evident that KE didn’t pay any ransom, which led the attackers to dump the stolen data online.

At the time of the incident, Netwalker clearly stated that they had stolen (unencrypted) data files from the firm.

Certainly, this has now been confirmed as, according to the data analyzed by Rewterz, the dumped data even includes clear images of customers’ bills.

Source: Bleeping Computer

Besides, the leaked 8.5GB archive also includes KE’s financial information, unaudited profit and loss statements, engineering reports and diagrams for turbines, maintenance logs, and more.

KE Yet To Respond

Ironically, just before the news about the data dump surfaced online, K-Electric posted a detailed update on its Facebook page. In it, they admitted the ransomware attack and assured about having strengthened its security status.

Besides, they also assured that the customers’ data remained safe during the incident.

Following internal forensic investigations, the company confirmed that customer data had remained intact and secure and initiated the restoration of those services that had been isolated, while adhering to cyber security guidelines.

However, given the extent of data dumped online, that even includes customers’ latest bills, things seem otherwise.

KE hasn’t issued any statement in this regard until the time of writing this article

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil