Hackers hit Sweden’s power grid operator Svenska kraftnät, stealing data via a file transfer tool. The power grid was not affected.
Hackers breached Sweden’s state-owned power grid operator Svenska kraftnät, stealing data from an isolated file transfer system. The power grid operations were not impacted by the cyber incident.
The Swedish company on Monday disclosed a cyberattack against an isolated, external file transfer system that resulted in a data breach. Svenska kraftnät identified a data breach on Saturday evening.
“We can confirm that Svenska kraftnät has been subjected to a data breach that means access to certain information.” reads a notice published by the company. “We are now investigating what information has been leaked and how it may affect us. We see no indications that the electricity system is affected, says Cem Göcgoren, Head of Information Security at Svenska kraftnät.”
Svenska kraftnät has notified law enforcement and local authorities and is investigating the incident with their support.
“We take this breach very seriously and have taken immediate action. We understand that this may cause concern, but the electricity supply has not been affected by this breach” says Cem Göcgoren, Head of Information Security, Svenska kraftnät. “Since the data breach was brought to light on Saturday, an intensive investigation has been underway to evaluate the scope of the breach and the potential consequences it could have. The incident has been reported to the police.”
Svenska kraftnät confirmed a cyberattack that compromised an external file transfer system but emphasized that Sweden’s electricity supply and power transmission remain unaffected. The organization is still investigating the breach and has not yet identified the perpetrators or their motivation. Officials stated that, so far, there is no indication that mission-critical systems were impacted. Efforts are focused on securing affected systems and analyzing the scope of the data leak, with updates to be provided as more information becomes available.
Everest ransomware group claimed responsibility for the attack and added the company to its Tor data leak site. The cybercrime group claims the of 280 GB of data from the organization.
Svenska kraftnät is Sweden’s state-owned power grid operator responsible for managing, maintaining, and developing the national electricity transmission system. It ensures reliable power distribution across the country, balances electricity supply and demand, and safeguards the stability of Sweden’s energy infrastructure.
The Everest ransomware group has been active since the end of 2020. The group recently made headlines after its attack on Collins Aerospace disrupted operations at major European airports.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, power grid)
