The Delta-Montrose Electric Association (DMEA) in Colorado is still recovering from a severe hack last month that knocked out 90 percent of its internal systems and wiped out 25 years of historical data. In a message to clients this week, the firm stated that it hopes to be ready to collect payments through its SmartHub platform and other payment kiosks by the week of December 6.
On November 7, the firm began to notice problems, and the malware finally shut down most of its internal network functions. The incident impacted the company’s customer service systems, payment processing tools, billing systems, and other tools.
According to DMEA, the hackers targeted certain portions of the company’s internal network and damaged stored documents, spreadsheets, and forms, implying a ransomware attack. The incident even impacted the company’s phone and email systems, but DEMA stated that the fiber network and power grid were unaffected by the attack.
The energy firm engaged cybersecurity specialists to look into the event, but over a month later, they are still having problems recovering. To deal with the disruptions, they made interim payment arrangements and banned all penalty charges and disconnections for non-payment until January 31, 2022.
DMEA claims that no sensitive data from customers or staff was compromised despite the system’s destruction. However, they must now restore their systems using a “phased restoration methodology.” According to DMEA CEO Alyssa Clemsen Roberts, the damage on their systems was “substantial,” with a significant amount of their stored data, such as forms and documents, corrupted.
According to Saryu Nayyar, CEO of cybersecurity startup Gurucul, Utilities have complicated networks that frequently mix business operations with mission control. Similar flaws were present in the headline-grabbing ransomware operation on Colonial Pipeline earlier this year. The company’s business IT networks were attacked, forcing the energy-producing side to struggle as well.