Two Brazil Electric Power Utility Firms Disclosed Ransomware Attack Around The Same Time

Continuing the ransomware attack victim’s list, two more firms from Brazil now join the trail. This time, the victims include two electric power utility firms from Brazil that suffered the ransomware attack. Both the firms suffer temporary operational disruptions following the incident.

Brazil Electric Power Utility Firms Suffered Ransomware Attack

Specifically, two state-controlled electric power utility firms in Brazil fell prey to a ransomware attack recently.

One of these, Centrais Eletricas Brasileiras (Eletrobras) is the biggest power utility in Latin America. Founded in 1962, it’s also the tenth-largest in the world.

Whereas, the other victim firm, Companhia Paranaense de Energia (Copel), serves as the major power utility firm in the Brazilian state of Parana.

In the case of Electrobras, the ransomware attack specifically targeted the administrative network servers of its subsidiary Electronuclear.

As elaborated in a security notice, the incident didn’t precisely affect the operations at nuclear power plants of Angra 1 and Angra 2, which remain isolated from the network for security reasons

Upon detecting the incident, the firm contained the attack and suspended some of the systems for security. Electronuclear also informed the relevant authorities about the incident.

It remains unclear what type of ransomware hit the firm and whether Electronuclear has also suffered a data breach.

On the other hand, Copel has possibly suffered a data breach as well. This detail surfaced online as the attackers from the DarkSide ransomware gang claimed to have stolen over 1000 GB of data from the company’s network.

According to DataBreaches.net, the breached data includes,

-CyberArk storage with clear-text passwords from all local and internet infrastructure
-Network maps & diagrams, backup schemes & schedules, domain zones for copel.com(internet) / copel.nt (intranet) domains, full AD info, dump of DC DB(ntds.tid)
-Phone numbers, emails, IDs and more personal data of employers and customers (firstly top management)
-NDA, some contracts and some finance information
-Detailed engineering schemes, plans, network switches

Copel, however, hasn’t confirmed any data breach, yet they assured investigations of the matter. It’s also unclear whether they have paid or will pay the ransom to the attackers.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients