Data breaches and Energy and Utilities - Cyber Security Informer

Nova Scotia Power discloses data breach after March security incident

Security Affairs

MAY 15, 2025

Nova Scotia Power confirmed a data breach involving the theft of sensitive customer data after the April cybersecurity incident. is a vertically integrated electric utility serving the province of Nova Scotia, Canada. or Caribbean utilities. Nova Scotia Power Inc.

Data breaches

Data breaches Energy and Utilities Accountability Insurance

Nova Scotia Power confirms it was hit by ransomware attack but hasn’t paid the ransom

Security Affairs

MAY 27, 2025

is a vertically integrated electric utility serving the province of Nova Scotia, Canada. Its operations encompass generation, transmission, and distribution of electricity, utilizing a diverse mix of energy sources including coal, natural gas, hydroelectric, wind, tidal, oil, and biomass. or Caribbean utilities.

Energy and Utilities

Energy and Utilities Ransomware Data breaches Accountability

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

Krebs on Security

AUGUST 22, 2019

Multiple sources now tell KrebsOnSecurity that the card data came from compromised gas pumps, coffee shops and restaurants operated by Hy-Vee , an Iowa-based company that operates a chain of more than 245 supermarkets throughout the Midwestern United States. “This encryption technology protects card data by making it unreadable.

Energy and Utilities

Energy and Utilities Retail Data breaches Marketing

DMEA Colorado electric utility hit by a disruptive cyberattack

Security Affairs

DECEMBER 6, 2021

A ransomware attack hit an electric utility in Colorado causing a significant disruption and damage. The Delta-Montrose Electric Association (DMEA) is a local electric cooperative located in Colorado, it is part of Touchstone Energy Cooperatives. ”reads the data breach notice published by the company.

Energy and Utilities

Energy and Utilities Cyber Attacks Ransomware Data breaches

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Prior to its infiltration by the FBI, RaidForums sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches. Department of Justice in April.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Scanning for Flaws, Scoring for Security

Krebs on Security

DECEMBER 12, 2018

Earlier this year, FICO began touting its Cyber Risk Score (PDF), which seeks to measure an organization’s chances of experiencing a data breach in the next 12 months, based on a variety of measurements tied to the company’s public-facing online assets. In October, FICO teamed up with the U.S. ARE YOU EXPERIANSED?

Cyber Risk

Cyber Risk Energy and Utilities Risk Marketing

CISA Cuts: What They Mean for Cyber Defense for All

SecureWorld News

APRIL 10, 2025

Organizationsparticularly those in critical sectors such as energy, healthcare, and financerely on CISA for guidance on emerging threats and best practices. Increased vulnerability: As the nation's cybersecurity defense is stretched thinner, everyday users may face higher risks of cyberattacksfrom data breaches to service disruptions.

Energy and Utilities

Energy and Utilities Backups Healthcare Cybersecurity

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Security Affairs

DECEMBER 26, 2023

Securities and Exchange Commission regulations are expected to fuel heightened interest among malicious actors in orchestrating network intrusions and data breaches within these entities.

Cyber threats

Cyber threats Energy and Utilities Cyber Attacks Artificial Intelligence

‘Everyone’s half asleep, and bosses don’t want trouble’: The struggle to secure utilities

SC Magazine

FEBRUARY 16, 2021

Padraic O’Reilly, co-founder of cyber risk firm CyberSaint, shared insights with SC Media, having worked directly with water systems, electric providers, energy companies and other utilities to assess cyber risk and prevent cyberattacks. Is the approach by utilities different than at private sector companies?

Energy and Utilities

Energy and Utilities Risk Cyber Risk Government

The Only Thing Surprising About The Crippling Ransomware Attack On A Major US Fuel Pipeline Is That Anyone Is Surprised That The Attack Succeeded

Joseph Steinberg

MAY 12, 2021

In late 2016, hackers, perhaps acting on behalf of the Russian government, utilized multiple pieces of malware to both knock out power to large segments of Ukraine and to simultaneously disable the phone communications capabilities of the impacted power providers, thereby complicating recovery efforts.

Energy and Utilities

Energy and Utilities Ransomware Artificial Intelligence Cyber Attacks

Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia

SecureList

OCTOBER 18, 2024

The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, and others. To maintain access to the system, the attackers used the NSSM and Localtonet utilities. First, they obtained the NTDS.dit dump with the Ntdsutil utility. and Babuk.

Energy and Utilities

Energy and Utilities VPN Encryption Ransomware

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

MARCH 4, 2019

Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. Allegedly developed by US and Israeli operatives, Stuxnet was discovered circulating through Iranian nuclear energy facilities in 2010.

Hacking

Hacking Energy and Utilities System Administration Accountability

Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM

Security Affairs

OCTOBER 9, 2022

Eskom transforms inputs from the natural environment – coal, nuclear, fuel, diesel, water, and wind – into more than 90% of the energy supplied to a wide range of customers in South Africa and the Southern African Development Community (SADC) region. Government of the Republic of South Africa owned utility ESKOM Hld SOC Ltd.

Energy and Utilities

Energy and Utilities Ransomware InfoSec Hacking

Quantum computing brings new security risks: How to protect yourself

CyberSecurity Insiders

FEBRUARY 1, 2022

The average cost of a data breach reached an all-time high in 2021, and the attack vector grows larger by the minute. Most of our current online privacy protocols utilize cryptography to maintain privacy and data integrity. Even now, our cybersecurity climate is getting hotter. What is quantum computing?

Risk

Risk Social Engineering Threat Detection Encryption

I finally found a Lenovo ThinkPad I'm comfortable taking to the office without a charger

Zero Day

JUNE 20, 2025

It combines all the utility of a ThinkPad with exceptional battery life. Written by Kyle Kucharski, Editor June 20, 2025 at 7:21 a.m. PT ZDNET's key takeaways Lenovo's ThinkPad X1 2-in-1 Aura Edition is available now starting at $2,419. It's expensive, and some of the Aura Edition features are being discontinued.

Password Management

Password Management Small Business Energy and Utilities Software

Critical Success Factors to Widespread Deployment of IoT

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

Electric grid utilities are deploying smart meters to better correspond to consumers energy demands while lowering costs. Tue, 02/16/2021 - 16:33. Digital technology and connected IoT devices have proliferated across industries and into our daily lives.

IoT

IoT Manufacturing Energy and Utilities Data collection

Cybersecurity Risks of 5G – And How to Control Them

eSecurity Planet

SEPTEMBER 1, 2021

Insecure implementations may result in unauthorized access to threat actors and potential data breaches.” This instance can result in NFV data breaches, resource exhaustion, or DDoS attacks. There are no secure implementation guides or standards for network operators. Attacks at the Network Edge.

Risk

Risk Cybersecurity IoT Wireless

The Essential Guide to Horizon Scanning in Compliance and Regulatory Frameworks

Centraleyes

FEBRUARY 23, 2025

Government policy changes related to data privacy, cybersecurity, sustainability, and more. Use Technology to Stay Informed Utilize data tools and platforms to track changes in regulations and compliance standards. Energy and Environmental Compliance The energy sector is another field where horizon scanning has proven valuable.

Energy and Utilities

Energy and Utilities Data privacy Risk Healthcare

Verizon 2025 DBIR: Tenable Research Collaboration Shines a Spotlight on CVE Remediation Trends

Security Boulevard

APRIL 22, 2025

The 2025 Verizon Data Breach Investigations Report (DBIR) reveals that vulnerability exploitation was present in 20% of breaches a 34% increase year-over-year. To support the report, Tenable Research contributed enriched data on the most exploited vulnerabilities.

Energy and Utilities

Energy and Utilities Authentication Data breaches VPN

Cybersecurity threats: what awaits us in 2023?

SecureList

NOVEMBER 9, 2022

The economic downturn (caused by energy prices, inflation, sanctions, etc.) Businesses most at risk are aerospace and defense contractors, as well as critical infrastructure operators (utilities such as water, electricity, and Internet, but also hospitals and operators of large cyber-physical systems such as dams).

Cybersecurity

Cybersecurity Cyber Insurance Cybercrime IoT

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

APT targeting turns toward satellite technologies, producers and operators The only known case of an attack utilizing satellite technologies that happened in recent years was the KA-SAT network hack of 2022. They may gather data on competitors, for example, M&A transactions , expansion plans, financials, and customer information.

Hacking

Hacking Energy and Utilities Malware Media

Time of Reckoning – Reviewing My 2024 Cybersecurity Predictions

Security Boulevard

DECEMBER 13, 2024

As 2024 comes to a close, I revisit my forecasts to assess their utility in guiding meaningful decisions. Critical Infrastructure Targets Grade: PASS Critical infrastructure remains a primary target, with sectors like energy and healthcare facing ransomware and disruptive attacks. Sources : Verizon Data Breach Report , ISACA Insights.

Cybersecurity

Cybersecurity Energy and Utilities CISO Marketing

11:11 Systems Completes Acquisition of iland; Combined Offering to Unlock the Power of Connectivity, Cloud and Security

CyberSecurity Insiders

JANUARY 20, 2022

Merging with 11:11 Systems will make iland a one-stop-shop for cloud, security, and connectivity utilizing the market’s most trusted solutions.”. Tiger Infrastructure targets investments in communications, energy transition, transportation, and related sectors, primarily located in North America and Europe.

Marketing

Marketing Energy and Utilities Backups Artificial Intelligence

Application Security Assessment: Protect from Threats in the G Suite Marketplace

Spinone

AUGUST 25, 2020

This includes third-party applications that are allowed access to corporate data. Its AI-based approach to analyze third-party apps saves IT personnel and G Suite administrators tremendous amounts of time and energy protecting the G Suite environment. This can be a potential for a data breach.

Energy and Utilities

Energy and Utilities Risk Accountability Technology

How Blockchain Can Drive Legal Industry Forward

Spinone

SEPTEMBER 3, 2018

Financial institutions, healthcare, public sector and government agencies, manufacturing, and energy companies are all embracing digital business trends. Now, let’s take a quick look at the recent top data leaks of the world’s largest law practices. Leading offshore firm Appleby admitted it was the victim of a hack in 2016.

Technology

Technology Energy and Utilities Authentication Cyber Attacks

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

Its apparent goal is espionage directed against the financial and energy sectors. The company believes that criminals are, quote, "utilizing bots to submit fraudulent admissions applications and obtain institution email addresses through admission application portals," quote. Government agencies are also targeted.

Energy and Utilities

Energy and Utilities Penetration Testing Government Software

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

Its apparent goal is espionage directed against the financial and energy sectors. The company believes that criminals are, quote, "utilizing bots to submit fraudulent admissions applications and obtain institution email addresses through admission application portals," quote. Government agencies are also targeted.

Energy and Utilities

Energy and Utilities Penetration Testing Government Software

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

ForAllSecure

AUGUST 14, 2019

Its apparent goal is espionage directed against the financial and energy sectors. The company believes that criminals are, quote, "utilizing bots to submit fraudulent admissions applications and obtain institution email addresses through admission application portals," quote. Government agencies are also targeted.

Energy and Utilities

Energy and Utilities Penetration Testing Government Software

Protecting Industrial Control Systems Against Cyberattacks – Part 2

Security Boulevard

MAY 5, 2021

They form the backbone of industrialized society, including energy and power grids, food and beverage plants, oil and gas refineries, recycling plants, transportation systems, water treatment plants, manufacturing facilities and many more. Webinar: Analysis of the Florida Water Utility Cyberattack. Commercial Facilities.

Energy and Utilities

Energy and Utilities Manufacturing Data breaches Phishing

Cyber Security Roundup for April 2021

Security Boulevard

MARCH 31, 2021

However, one recently introduced UK cybersecurity law, which was meant to boost the resilience of the UK's energy sector by obliging gas and electricity firms to report to hacks, doesn't appear to be very effectively adopted. ISPs, utilities) and energy sector firms (i.e. Russian Pleads Guilty to Tesla Ransomware Plot.

Energy and Utilities

Energy and Utilities Ransomware Hacking Banking

The Evolving Cybersecurity Threats to Critical National Infrastructure

Thales Cloud Protection & Licensing

OCTOBER 23, 2023

The 2023 Thales Data Threat Report Critical Infrastructure Edition , which includes responses from 365 security leaders and practitioners within critical infrastructure organizations, serves as a fine reminder of the requirement to embed security into the culture of every organization and individual.

Energy and Utilities

Energy and Utilities Cybersecurity Ransomware Technology

How Cybersecurity Can Save Critical Infrastructure

Thales Cloud Protection & Licensing

AUGUST 12, 2024

The Critical Infrastructure edition of the 2024 Thales Data Threat Report highlights the threats that businesses in the Energy, Utilities, Telecom, Transportation, and Logistics sectors face. 15% of the CI organizations have experienced a breach in the last 12 months, with ransomware being the biggest threat.

Cybersecurity

Cybersecurity Energy and Utilities Digital transformation Threat Reports

Security Affairs newsletter Round 344

Security Affairs

DECEMBER 12, 2021

Western Digital SanDisk SecureAccess flaws allow brute force and dictionary attacks New ‘Karakurt’ cybercrime gang focuses on data theft and extortion Cybereason released Logout4Shell, a vaccine for Log4Shell Apache Log4j RCE Volvo Cars suffers a data breach. Is it a ransomware attack?

Energy and Utilities

Energy and Utilities Ransomware Cryptocurrency Data breaches

Cyber CEO: Cybersecurity in 2021 – What We’ve Learned So Far

Herjavec Group

JULY 29, 2021

I’ve always believed that the best way to build a strong cybersecurity program is to utilize all the data. Ransomware-as-a-Service (RaaS) has emerged as a result of increasingly sophisticated phishing methods, coordinated sharing of leaked data, and a growing dark web community. In the U.S.,

Cybersecurity

Cybersecurity Digital transformation Cyber Attacks Ransomware

Key Cybersecurity Trends for 2025. My Predictions

Jane Frankland

JANUARY 12, 2025

Its a strategy of patience, allowing them to gather intelligence, assess vulnerabilities, and wait for the perfect moment to actwhether to disrupt operations, extract data, or gain geopolitical leverage. Critical infrastructure face heightened risk from targeted disruptions, as do small businesses who are the backbone of the economy.

Cybersecurity

Cybersecurity CISO Insurance IoT

LW ROUNDTABLE: Lessons learned from the headline-grabbing cybersecurity incidents of 2024

The Last Watchdog

DECEMBER 15, 2024

water utility, highlights the escalating threat to critical infrastructure. Ransomware groups like AlphV, LockBit, and BlackCat used advanced tactics, while misconfigured cloud storage and unsecured data led to major breaches. Such incidents disrupt essential services, causing economic damage and public safety risks.

Cybersecurity

Cybersecurity Cyber threats CISO Energy and Utilities

GUEST ESSAY: HIPAA’s new ‘Safe Harbor’ rules promote security at healthcare firms under seige

The Last Watchdog

FEBRUARY 8, 2021

Meanwhile, the healthcare sector accounted for 79 percent of all reported data breaches during the first 10 months of 2020, a study by Fortified Health Security tells us. Popularly, many organizations utilize HIPAA compliance software to streamline their compliance efforts and for the value it offers. Promoting best practices.

Healthcare

Healthcare Energy and Utilities Accountability Insurance

DHS and FBI – Hackers Are Targeting US Nuclear, Energy, and Manufacturing Facilities

Privacy and Cybersecurity Law

JULY 11, 2017

According to a new joint report issued by the US Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), hackers have been penetrating the computer networks of companies that operate nuclear power stations, energy facilities, and manufacturing plants in the US since May 2017.

Manufacturing

Manufacturing Energy and Utilities Cyber Attacks Engineering

Ethics in Data Collection

SecureWorld News

MARCH 8, 2021

For example, by taking patient data and using it for things like research and development, businesses, particularly those in healthcare, can utilize that data and maximize innovation. One of the ways these businesses have adapted is they have incorporated new technologies to maximize profits in the current landscape.

Data collection

Data collection Healthcare Data privacy Energy and Utilities

Nova Scotia Power discloses data breach after March security incident

Nova Scotia Power confirms it was hit by ransomware attack but hasn’t paid the ransom

Trending Sources

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

DMEA Colorado electric utility hit by a disruptive cyberattack

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Scanning for Flaws, Scoring for Security

CISA Cuts: What They Mean for Cyber Defense for All

Resecurity Released a 2024 Cyber Threat Landscape Forecast

‘Everyone’s half asleep, and bosses don’t want trouble’: The struggle to secure utilities

The Only Thing Surprising About The Crippling Ransomware Attack On A Major US Fuel Pipeline Is That Anyone Is Surprised That The Attack Succeeded

Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM

Quantum computing brings new security risks: How to protect yourself

I finally found a Lenovo ThinkPad I'm comfortable taking to the office without a charger

Critical Success Factors to Widespread Deployment of IoT

Cybersecurity Risks of 5G – And How to Control Them

The Essential Guide to Horizon Scanning in Compliance and Regulatory Frameworks

Verizon 2025 DBIR: Tenable Research Collaboration Shines a Spotlight on CVE Remediation Trends

Cybersecurity threats: what awaits us in 2023?

Advanced threat predictions for 2024

Time of Reckoning – Reviewing My 2024 Cybersecurity Predictions

11:11 Systems Completes Acquisition of iland; Combined Offering to Unlock the Power of Connectivity, Cloud and Security

Application Security Assessment: Protect from Threats in the G Suite Marketplace

How Blockchain Can Drive Legal Industry Forward

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

Protecting Industrial Control Systems Against Cyberattacks – Part 2

Cyber Security Roundup for April 2021

The Evolving Cybersecurity Threats to Critical National Infrastructure

How Cybersecurity Can Save Critical Infrastructure

Security Affairs newsletter Round 344

Cyber CEO: Cybersecurity in 2021 – What We’ve Learned So Far

Key Cybersecurity Trends for 2025. My Predictions

LW ROUNDTABLE: Lessons learned from the headline-grabbing cybersecurity incidents of 2024

GUEST ESSAY: HIPAA’s new ‘Safe Harbor’ rules promote security at healthcare firms under seige

DHS and FBI – Hackers Are Targeting US Nuclear, Energy, and Manufacturing Facilities

Ethics in Data Collection

Stay Connected