REvil Ransomware Gang publishes 'Elexon Staff's Passports'

upnorth

The REvil/Sodinokibi ransomware gang has just published what it claimed were files stolen from UK power grid middleman Elexon.

As reported here, the company was hacked two weeks ago. The stolen data was published on REvil's Tor webpage as a cache of 1,280 files, which we understand include documents that appeared to be passports of Elexon staff members and an apparent business insurance application form. The Register has not verified whether the cache, in a .rar file, contains further information intended to harm Elexon and its staff. Elexon said at the time of the "cyber attack" in mid-May that it had identified the "root cause" and was "taking steps to restore" its IT systems.

Responsible for a key financial part of the UK's part-privatised electricity markets, Elexon tots up forecast electrical demand from the whole nation in half-hour blocks. It then reconciles the forecast against actual demand and electrical generation supplied to the National Grid. Cash then flows either from the grid to generators (in cases where supply exceeded demand, so the forecast was wrong) or in the other direction, where underperforming power generators pay the grid for not supplying enough at the right times.
 
