Hackers Stole Data From Multiple Electric Utilities in Recent Ransomware Attack
Hackers stole data belonging to multiple electric utilities in an October ransomware attack on a US government contractor that handles critical infrastructure projects across the country, according to a memo describing the hack obtained by CNN. From the report: Federal officials have closely monitored the incident for any potential broader impact on the US power sector while private investigators have combed the dark web for the stolen data, according to the memo sent this month to power company executives by the North American grid regulator's cyberthreat sharing center. The previously unreported incident is a window into how ransomware attacks on critical US companies are handled behind the scenes as lawyers and federal investigators quietly spring into action to determine the extent of the damage. The ransomware attack hit Chicago-based Sargent & Lundy, an engineering firm that has designed more than 900 power stations and thousands of miles of power systems and that holds sensitive data on those projects. The firm also handles nuclear security issues, working with the departments of Defense, Energy and other agencies "to strengthen nuclear deterrence" and keep weapons of mass destruction out of terrorists' hands, according to its website. Two people familiar with the investigation of the Sargent & Lundy hack told CNN that the incident was contained and remediated, and didn't appear to have a broader impact on other power-sector firms. There is no sign that data stolen from Sargent & Lundy, which includes "model files" and "transmission data" the firm uses for utility projects, is on the dark web, according to the memo from the Electricity Information Sharing and Analysis Center.
Read more of this story at Slashdot.